[jira] [Commented] (RANGER-842) Allow PAM for authentication

Tue, 07 Jun 2016 13:07:40 -0700 

    [ 
https://issues.apache.org/jira/browse/RANGER-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15319257#comment-15319257
 ] 

Selvamohan Neethiraj commented on RANGER-842:
---------------------------------------------

[~bolke] -  I and Ramesh tested this patch with a build setup on a separate 
Apache branch (ranger-842-tester).  This patch requires "security/pam_appl.h" 
header file for it to successfully build. Do you know if we can have this as a 
pre-request for the build machines ?  Currently, the build machines do not have 
this - see log from  
https://builds.apache.org/job/ranger-ranger842-mvn-build/1/console

{code}
[INFO] --- native-maven-plugin:1.0-alpha-8:compile (default-compile) @ 
credValidator ---
[INFO] /bin/sh -c cd 
/home/jenkins/jenkins-slave/workspace/ranger-ranger842-mvn-build/unixauthnative 
&& gcc 
-I/home/jenkins/jenkins-slave/workspace/ranger-ranger842-mvn-build/unixauthnative/src/main/c
 -o 
/home/jenkins/jenkins-slave/workspace/ranger-ranger842-mvn-build/unixauthnative/target/objs/credValidator.o
 -c 
/home/jenkins/jenkins-slave/workspace/ranger-ranger842-mvn-build/unixauthnative/src/main/c/credValidator.c
/home/jenkins/jenkins-slave/workspace/ranger-ranger842-mvn-build/unixauthnative/src/main/c/credValidator.c:25:31:
 fatal error: security/pam_appl.h: No such file or directory
 #include <security/pam_appl.h>
                               ^
compilation terminated.
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Skipping ranger
[INFO] This project has been banned from the build due to previous failures.
[INFO] ------------------------------------------------------------------------

.....


[INFO] Unix Native Authenticator ......................... FAILURE [0.728s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
{code}

cc:  [~rmani]

> Allow PAM for authentication
> ----------------------------
>
>                 Key: RANGER-842
>                 URL: https://issues.apache.org/jira/browse/RANGER-842
>             Project: Ranger
>          Issue Type: Improvement
>          Components: admin
>    Affects Versions: 0.5.1, 0.6.0
>            Reporter: Bolke de Bruin
>              Labels: authentication, security
>             Fix For: 0.5.1, 0.6.0
>
>         Attachments: 0002-RANGER-842-pam-authentication.patch
>
>
> Ranger currently uses shadow based authentication if configured for unix 
> authentication. This way of authenticating is somewhat outdated as any recent 
> Linux system (and many of the BSDs) have PAM available. PAM allows multiple 
> authentication sources and also does authorization.
> Ranger should be able to use PAM for authentication



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to