Re: Review Request 37523: Handle file permissions for jceks file in umask 027

Tue, 18 Aug 2015 22:46:39 -0700 


> On Aug. 18, 2015, 5:29 p.m., Alejandro Fernandez wrote:
> > Does this also need to go into trunk?

Yes


- Gautam


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37523/#review95740
-----------------------------------------------------------


On Aug. 18, 2015, 9:09 a.m., Gautam Borad wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/37523/
> -----------------------------------------------------------
> 
> (Updated Aug. 18, 2015, 9:09 a.m.)
> 
> 
> Review request for Ambari, Alejandro Fernandez, Mahadev Konar, Sumit Mohanty, 
> Selvamohan Neethiraj, and Velmurugan Periasamy.
> 
> 
> Bugs: AMBARI-12782
>     https://issues.apache.org/jira/browse/AMBARI-12782
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> 1) Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
>  a) Audit to DB fails in a case if Ranger is not installed on same host as 
> that of component host.
>  b) For example Ranger is running on Host1 and Hiveserver2 is running on 
> Host2. Then as /etc/ranger/<repository_name> gets   created and has owner as 
> hive user. However, due to umask setting /etc/ranger gets 750 permission with 
> root:root as owner:group.
>  c) Due to this when hive user tries to read the jceks file to generate 
> audits to DB - it gets permission denied error.
> 2) rectifying ranger_audit_db passwd to be used while creating jceks for 
> Ranger Audit DB
> 
> 
> Diffs
> -----
> 
>   
> ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
>  74f0e83 
>   
> ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
>  c3008aa 
>   
> ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
>  8f8be17 
> 
> Diff: https://reviews.apache.org/r/37523/diff/
> 
> 
> Testing
> -------
> 
> Tested on Centos 6 with Ranger and umask 027
> 
> 
> Thanks,
> 
> Gautam Borad
> 
>

Reply via email to