[
https://issues.apache.org/jira/browse/AMBARI-12782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14701935#comment-14701935
]
Hudson commented on AMBARI-12782:
---------------------------------
FAILURE: Integrated in Ambari-branch-2.1 #389 (See
[https://builds.apache.org/job/Ambari-branch-2.1/389/])
AMBARI-12782. Handle file permissions for jceks file in umask 027 (Gautam Borad
via alejandro) (afernandez:
http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=569c4a1596f214c6a1475ae8dfee5bb770ac28eb)
*
ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
*
ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
*
ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
> Handle file permissions for jceks file in umask 027
> ---------------------------------------------------
>
> Key: AMBARI-12782
> URL: https://issues.apache.org/jira/browse/AMBARI-12782
> Project: Ambari
> Issue Type: Bug
> Affects Versions: 2.1.1
> Reporter: Gautam Borad
> Assignee: Gautam Borad
> Fix For: 2.1.2
>
> Attachments: AMBARI-12782.patch
>
>
> # Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
> ** Audit to DB fails in a case if Ranger is not installed on same host as
> that of component host.
> ** For example Ranger is running on Host1 and Hiveserver2 is running on
> Host2. Then as /etc/ranger/<repository_name> gets created and has owner as
> hive user. However, due to umask setting /etc/ranger gets 750 permission with
> root:root as owner:group.
> ** Due to this when hive user tries to read the jceks file to generate audits
> to DB - it gets permission denied error.
> # rectifying ranger_audit_db passwd to be used while creating jceks for
> Ranger Audit DB
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
