[
https://issues.apache.org/jira/browse/AMBARI-14460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15068249#comment-15068249
]
Hudson commented on AMBARI-14460:
---------------------------------
SUCCESS: Integrated in Ambari-branch-2.2 #92 (See
[https://builds.apache.org/job/Ambari-branch-2.2/92/])
AMBARI-14460 Enable kerberos security after express upgrade has failed (dsen:
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=ce7f65a4449c78ed9b291912a09b6b284ae37216])
*
ambari-server/src/main/resources/common-services/SLIDER/0.60.0.2.2/package/scripts/slider.py
* ambari-server/src/test/python/stacks/2.2/SLIDER/test_slider_client.py
> Enable kerberos security after express upgrade has failed at Start service
> step because of slider client xml permission.
> ------------------------------------------------------------------------------------------------------------------------
>
> Key: AMBARI-14460
> URL: https://issues.apache.org/jira/browse/AMBARI-14460
> Project: Ambari
> Issue Type: Bug
> Components: ambari-upgrade
> Affects Versions: 2.2.0
> Reporter: Dmytro Sen
> Assignee: Dmytro Sen
> Priority: Critical
> Fix For: 2.2.1
>
> Attachments: AMBARI-14460.patch
>
>
> Upgrade Path 2.3.2.0 -> 2.3.4.0
> Upgrade is successful.
> Issue appearing while enabling security after upgrade is over in start
> services step.
> Service check for slider is also failed when executed on the cluster with
> permission related issue.
> Here is error log
> {code}
> resource_management.core.exceptions.Fail: Execution of '/usr/bin/kinit -kt
> /etc/security/keytabs/smokeuser.headless.keytab [email protected];
> /usr/hdp/current/slider-client/bin/slider list' returned 56. ########
> Hortonworks #############
> This is MOTD message, added for testing in qe infra
> 2015-12-18 07:16:17,826 [main] FATAL conf.Configuration - error parsing conf
> slider-client.xml
> java.io.FileNotFoundException: /etc/slider/2.3.4.0-3485/0/slider-client.xml
> (Permission denied)
> at java.io.FileInputStream.open0(Native Method)
> at java.io.FileInputStream.open(FileInputStream.java:195)
> at java.io.FileInputStream.<init>(FileInputStream.java:138)
> at java.io.FileInputStream.<init>(FileInputStream.java:93)
> at
> sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90)
> at
> sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188)
> at java.net.URL.openStream(URL.java:1038)
> at org.apache.hadoop.conf.Configuration.parse(Configuration.java:2468)
> at
> org.apache.hadoop.conf.Configuration.loadResource(Configuration.java:2539)
> at
> org.apache.hadoop.conf.Configuration.loadResources(Configuration.java:2502)
> {code}
> When I checked the permission of the file on upgrade cluster. It does not
> have read permission for file slider-client.xml for "others". causing service
> check for slider fail.
> {code}
> root@os-d7-dkezlu-ambari-eu-7-5:~# ls -l /etc/slider/2.3.4.0-3485/0/
> total 12
> -rw-r--r-- 1 root root 2375 Dec 18 02:05 log4j.properties
> -rw-r----- 1 root root 41 Dec 18 02:05 slider-client.xml
> -rwxr-xr-x 1 root root 509 Dec 18 02:34 slider-env.sh
> root@os-d7-dkezlu-ambari-eu-7-5:~#
> {code}
> Before upgrade permission was more open
> {code}
> root@os-d7-dkezlu-ambari-eu-7-5:~# ls -l /etc/slider/2.3.2.0-2950/0/
> total 20
> -rw-r--r-- 1 root root 2375 Dec 18 00:38 log4j.properties
> -rw-r--r-- 1 root root 3025 Sep 30 21:11 log4j-server.properties
> -rw-r--r-- 1 root root 41 Dec 18 00:38 slider-client.xml
> -rwxr-xr-x 1 root root 509 Dec 18 03:06 slider-env.sh
> -rw-r--r-- 1 root root 2286 Sep 30 21:11 slider-server.xml
> root@os-d7-dkezlu-ambari-eu-7-5:~#
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
