[ https://issues.apache.org/jira/browse/ZOOKEEPER-2843?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16110220#comment-16110220 ]
maoling commented on ZOOKEEPER-2843: ------------------------------------ I think making this patch as a github pull request would be better for other people's review although very little code modification.more details in: [mailto:https://cwiki.apache.org/confluence/display/ZOOKEEPER/HowToContribute] > auth_to_local should support reading rules from a file > ------------------------------------------------------ > > Key: ZOOKEEPER-2843 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843 > Project: ZooKeeper > Issue Type: Improvement > Reporter: Lionel Cons > Attachments: ZOOKEEPER-2843.patch > > > The current handling of {{zookeeper.security.auth_to_local}} in > {{KerberosName.java}} only supports rules given directly as property value. > These rules must therefore be given on the command line and: > * must be escaped properly to avoid shell expansion > * are visible in the {{ps}} output > It would be much better to put these rules in a file and pass the file path > as the property value. We would then use something like > {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}. > Note that using the {{file:}} prefix allows keeping backward compatibility. -- This message was sent by Atlassian JIRA (v6.4.14#64029)