-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40356/
-----------------------------------------------------------

Review request for Ambari and Robert Levas.


Bugs: AMBARI-13695
    https://issues.apache.org/jira/browse/AMBARI-13695


Repository: ambari


Description
-------

Currently, we distribute the **hdfs** headless principal to pretty much every
single host in the cluster.  
Since **hdfs** is a super user in HDFS, if any one of the hdfs keytabs is
compromised on any host, the user can do anything on HDFS.  
We need to revisit and see if we can restrict the number of hosts to which we
distribute the hdfs headless keytab.  
For example, we can perform necessary HDFS operations on one of the master
hosts available, rather than picking arbitrary client / slave hosts as we
do today.  
Also, we should look into not only hdfs headless keytabs but all other
headless ones like hbase, storm, etc.


Diffs
-----

  
  ambari-server/src/main/resources/common-services/ACCUMULO/1.6.1.2.2.0/kerberos.json 9101005
  ambari-server/src/main/resources/common-services/FALCON/0.5.0.2.1/kerberos.json 8d5923a
  ambari-server/src/main/resources/common-services/HBASE/0.96.0.2.0/kerberos.json 1de417f
  ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/kerberos.json df83969
  ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/kerberos.json aac1587
  ambari-server/src/main/resources/common-services/MAHOUT/1.0.0.2.3/kerberos.json 91fff4a
  ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/kerberos.json f9ce38b
  ambari-server/src/main/resources/common-services/OOZIE/4.2.0.2.3/kerberos.json 433aca9
  ambari-server/src/main/resources/common-services/PIG/0.12.0.2.0/kerberos.json PRE-CREATION
  ambari-server/src/main/resources/common-services/SLIDER/0.60.0.2.2/kerberos.json PRE-CREATION
  ambari-server/src/main/resources/common-services/SPARK/1.2.0.2.2/kerberos.json 57a282a
  ambari-server/src/main/resources/common-services/SPARK/1.4.1.2.3/kerberos.json PRE-CREATION
  ambari-server/src/main/resources/common-services/TEZ/0.4.0.2.1/kerberos.json PRE-CREATION
  ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/kerberos.json 15ad5af
  ambari-server/src/main/resources/stacks/HDP/2.2/services/YARN/kerberos.json b464120
  ambari-server/src/main/resources/stacks/HDP/2.3.GlusterFS/services/ACCUMULO/kerberos.json 9089367
  ambari-server/src/main/resources/stacks/HDP/2.3/services/ACCUMULO/kerberos.json 1315e84
  ambari-server/src/main/resources/stacks/HDP/2.3/services/TEZ/kerberos.json 3662ed8
  ambari-server/src/main/resources/stacks/HDP/2.3/services/YARN/kerberos.json e70287a

Diff: https://reviews.apache.org/r/40356/diff/


Testing
-------

mvn clean test


Thanks,

Andrew Onischuk
