[jira] [Assigned] (AMBARI-25788) Ambari server keeps generating keytabs even with KerberosServerAction#OperationType.CREATE_MISSING option.

[Brahma Reddy Battula (Jira)]

     [ 
https://issues.apache.org/jira/browse/AMBARI-25788?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Brahma Reddy Battula reassigned AMBARI-25788:
---------------------------------------------

    Assignee: YUBI LEE

> Ambari server keeps generating keytabs even with 
> KerberosServerAction#OperationType.CREATE_MISSING option.
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-25788
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25788
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.7.6
>         Environment: Ambari 2.7.6
>            Reporter: YUBI LEE
>            Assignee: YUBI LEE
>            Priority: Major
>         Attachments: image-2022-12-01-07-59-28-503.png
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> !image-2022-12-01-07-59-28-503.png|width=649,height=302!
> When regenerating keytabs, I found an issue that ambari server keeps 
> generating new keytabs, not reusing already created keytabs even with "only 
> regenerate keytabs for missing hosts and components" checkbox selected.
> With investigation, I found that `cached_keytab_path` has all NULL value in 
> `kerberos_principal`.
> e.g.
> {code:java}
> mysql> select * from kerberos_principal;
> +------------------------------------------------------------+------------+----------------------------------------------------------------------------------------------------+
> | principal_name                                             | is_service | 
> cached_keytab_path
>                                                                         |
> +------------------------------------------------------------+------------+----------------------------------------------------------------------------------------------------+
> | HTTP/host1.example....@example.com           |          1 | NULL |
> | HTTP/host2.example....@example.com           |          1 | NULL |
> | HTTP/host3.example....@example.com           |          1 | NULL |
> ...
> {code}
> There is a bug in `CreateKeytabFilesServerAction#processIdentity`. It doesn't 
> update `cached_keytab_path` if `previousCachedFilePath` is null.
> I will make a PR for this soon.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ambari.apache.org
For additional commands, e-mail: issues-h...@ambari.apache.org