Sailesh Mukil created IMPALA-7072:
-------------------------------------
Summary: Kudu's kinit does not support auth_to_config rules with
Heimdal kerberos
Key: IMPALA-7072
URL: https://issues.apache.org/jira/browse/IMPALA-7072
Project: IMPALA
Issue Type: Bug
Components: Security
Affects Versions: Impala 2.12.0
Reporter: Sailesh Mukil
On deployments that use Heimdal kerberos configured with 'auth_to_local' rules
set, and with the Impala startup flag 'use_kudu_kinit'= true, the auth_to_local
rules will not be respected as it's not supported with Kudu's kinit.
The implication of this is that from Impala 2.12.0 onwards, clusters with the
above configuration will not be able to use KRPC with kerberos enabled.
A workaround is to get rid of the auth_to_local rules for such deployments.
We need to have a good long term solution to fix this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
