-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58034/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-1482
https://issues.apache.org/jira/browse/RANGER-1482
Repository: ranger
Description
-------
When KMS default policies are created as part of KMS repo creation, two service
users (defined by Ranger-Admin configuration variables in
ranger-admin-site.xml, viz ranger.kms.service.user.hdfs and
ranger.kms.service.user.hive) are expected to be pre-created. They are
precreated when Ranger is installed with Ambari. For manual installation of
Ranger, they may not have been pre-created before KMS repo is created.
The fix is to parse default policies that need to be created to find any
users/groups that do not exist in Ranger, and create them before attempting to
create default policies.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
2a9c003
Diff: https://reviews.apache.org/r/58034/diff/1/
Testing
-------
Provided non-existent user-names as values of ranger.kms.service.user.hdfs and
ranger.kms.service.user.hive configuration variables, and successfully created
a KMS repo. The users configured as ranger.kms.service.user.hdfs and
ranger.kms.service.user.hive were created in Ranger.
Thanks,
Abhay Kulkarni
