Alejandro Fernandez created AMBARI-15773:
--------------------------------------------
Summary: Password must not by displayed by UpgradeItem and Stage
resources in the API
Key: AMBARI-15773
URL: https://issues.apache.org/jira/browse/AMBARI-15773
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.2.2
Reporter: Alejandro Fernandez
Assignee: Alejandro Fernandez
Priority: Blocker
Fix For: 2.2.2
STR:
* Install ambari-server-2.2.2.0-391 (ambari-server --hash:
8b49b71d5ef602e1252049fbc970958fbe05806e)
* Install HDP 2.3 or 2.4
* Install another version in order to perform RU or EU
* Use the API to navigate to
http://server:8080/api/v1/clusters/cl1/upgrades/##/upgrade_groups/1/upgrade_items/1
Notice that the output contains the ambari_db_rca_password in plaintext,
{code}
"host_params" :
"{\"agent_stack_retry_count\":\"5\",\"agent_stack_retry_on_unavailability\":\"false\",\"ambari_db_rca_driver\":\"org.postgresql.Driver\",\"ambari_db_rca_password\":\"bigdatacustom\",\"ambari_db_rca_url\":\"jdbc:postgresql://172.22.117.211:5432/ambaricustom\",\"ambari_db_rca_username\":\"ambaricustomuser\",\"current_version\":\"2.4.0.0-169\",\"db_driver_filename\":\"mysql-connector-java.jar\",\"db_name\":\"ambaricustom\",\"host_sys_prepped\":\"false\",\"java_home\":\"/usr/jdk64/jdk1.8.0_60\",\"java_version\":\"8\",\"jdk_location\":\"http://os-s11-4-snjlmu-ambari-se-eu-3-5.novalocal:8080/resources/\",\"mysql_jdbc_url\":\"http://os-s11-4-snjlmu-ambari-se-eu-3-5.novalocal:8080/resources//mysql-connector-java.jar\",\"not_managed_hdfs_path_list\":\"[\\\"/apps/hive/warehouse\\\",\\\"/apps/falcon\\\",\\\"/mr-history/done\\\",\\\"/app-logs\\\",\\\"/tmp\\\"]\",\"oracle_jdbc_url\":\"http://os-s11-4-snjlmu-ambari-se-eu-3-5.novalocal:8080/resources//ojdbc6.jar\",\"stack_name\":\"HDP\",\"stack_version\":\"2.4\"}";,
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
