-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37523/
-----------------------------------------------------------
Review request for Ambari, Alejandro Fernandez, Mahadev Konar, Sumit Mohanty,
Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: AMBARI-12782
https://issues.apache.org/jira/browse/AMBARI-12782
Repository: ambari
Description
-------
1) Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
a) Audit to DB fails in a case if Ranger is not installed on same host as that
of component host.
b) For example Ranger is running on Host1 and Hiveserver2 is running on Host2.
Then as /etc/ranger/<repository_name> gets created and has owner as hive
user. However, due to umask setting /etc/ranger gets 750 permission with
root:root as owner:group.
c) Due to this when hive user tries to read the jceks file to generate audits
to DB - it gets permission denied error.
2) rectifying ranger_audit_db passwd to be used while creating jceks for Ranger
Audit DB
Diffs
-----
ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
74f0e83
ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
c3008aa
ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
8f8be17
Diff: https://reviews.apache.org/r/37523/diff/
Testing
-------
Tested on Centos 6 with Ranger and umask 027
Thanks,
Gautam Borad
