[ https://issues.apache.org/jira/browse/AMBARI-21418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-21418: ---------------------------------- Affects Version/s: (was: 2.5.0) 2.1.0 > Ambari rebuilds custom auth_to_local rules changing its case sensitiveness > option (/L) depending on the case_insensitive_username_rules. > ---------------------------------------------------------------------------------------------------------------------------------------- > > Key: AMBARI-21418 > URL: https://issues.apache.org/jira/browse/AMBARI-21418 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.1.0 > Reporter: Tomas Sokorai > Assignee: Robert Levas > Fix For: 2.5.2 > > > Ambari changes the auth to local custom rules /L state on rebuild depending > on case_insensitive_username_rules. > How to reproduce: > 1) Kerberize Ambari. > 2) Make sure these kerberos settings are set as follows: > case_insensitive_username_rules = false > manage_auth_to_local = true > 3) Add custom auth_to_local rule: > {code:java} > RULE:[1:$1@$0](.*@HDP01.LOCAL)s/.*/ambari-qa//L > {code} > (NB: HDP01.LOCAL realm was chosen to avoid matching the default kerberos > realm, EXAMPLE.COM in my tests) > 4) Add a new service to the cluster that has kerberos configuration, in my > case, tested with adding Spark2. > 5) After successful service addition, check the auth_to_local mappings again; > the mapping we added in point 3 should now be missing the /L and be: > {code:java} > RULE:[1:$1@$0](.*@HDP01.LOCAL)s/.*/ambari-qa/ > {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029)