[
https://issues.apache.org/jira/browse/ZOOKEEPER-2843?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16110355#comment-16110355
]
ASF GitHub Bot commented on ZOOKEEPER-2843:
-------------------------------------------
GitHub user LionelCons opened a pull request:
https://github.com/apache/zookeeper/pull/324
ZOOKEEPER-2843: auth_to_local now supports reading rules from a file
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/LionelCons/zookeeper ZOOKEEPER-2843
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zookeeper/pull/324.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #324
----
commit f2f67b5769e53a2147a6866d2121146031fa37ba
Author: Lionel Cons <[email protected]>
Date: 2017-08-02T05:49:17Z
ZOOKEEPER-2843: auth_to_local now supports reading rules from a file
----
> auth_to_local should support reading rules from a file
> ------------------------------------------------------
>
> Key: ZOOKEEPER-2843
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843
> Project: ZooKeeper
> Issue Type: Improvement
> Reporter: Lionel Cons
> Attachments: ZOOKEEPER-2843.patch
>
>
> The current handling of {{zookeeper.security.auth_to_local}} in
> {{KerberosName.java}} only supports rules given directly as property value.
> These rules must therefore be given on the command line and:
> * must be escaped properly to avoid shell expansion
> * are visible in the {{ps}} output
> It would be much better to put these rules in a file and pass the file path
> as the property value. We would then use something like
> {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}.
> Note that using the {{file:}} prefix allows keeping backward compatibility.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
