liujiayi771 opened a new pull request #46: [RANGER-2671] unlink core-site.xml in usersync conf before chown and chmod URL: https://github.com/apache/ranger/pull/46 If we run setup.sh in usersync a second time, the setup.py in usersync folder will change the permissions to 0750 and owner to ranger:ranger of hadoop core-site.xml. This will affect other software that needs to read core-site.xml, for example, hiveserver2 will fail to start because it does not have permission to read core-site.xml. Ranger should never change the permission or ownership of core-site.xml in hadoop conf dir. The reason why the permissions and owner of core-site.xml are modified is because the following code in unixauthservice/scripts/setup.py ```python for dir in fixPermList: for root, dirs, files in os.walk(dir): os.chown(root, ownerId, groupId) os.chmod(root, 0755) for obj in dirs: dn = join(root, obj) os.chown(dn, ownerId, groupId) os.chmod(dn, 0755) for obj in files: fn = join(root, obj) os.chown(fn, ownerId, groupId) os.chmod(fn, 0750) ``` If we run setup.sh in usersync a second time, there will be a soft link of core-site.xml in /etc/ranger/usersync/conf. In the for loop, it will traverse to /etc/ranger/usersync/conf/core-site.xml, and use os.chown and os.chmod to change the permisson and ownership. We should unlink the soft link of core-site.xml before this for loop. JIRA: https://issues.apache.org/jira/browse/RANGER-2671
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
