[jira] [Updated] (RANGER-3774) The usersync lack dependency in assembly file

[Binhua Hu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-3774?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Binhua Hu updated RANGER-3774:
--
Summary: The usersync lack dependency in assembly file  (was: The usersync 
lack dependency in )

> The usersync lack dependency in assembly file
> -
>
> Key: RANGER-3774
> URL: https://issues.apache.org/jira/browse/RANGER-3774
> Project: Ranger
>  Issue Type: Improvement
>  Components: usersync
>Affects Versions: 2.2.0
>Reporter: Binhua Hu
>Priority: Major
>
> When I execute the setup.sh script in usersync's execution directory, the 
> error is as follows,
> {code:java}
> // INFO: moving [/opt/usersync/conf/java_home.sh] to 
> [/opt/usersync/conf/.java_home.sh.24052022154528] ...
> Direct Key not found:SYNC_GROUP_USER_MAP_SYNC_ENABLED
> Direct Key not found:hadoop_conf
> Direct Key not found:ranger_base_dir
> Direct Key not found:USERSYNC_PID_DIR_PATH
> Direct Key not found:rangerUsersync_password
> [I] ranger.usersync.ldap.ldapbindpassword property is verified.
> SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
> SLF4J: Defaulting to no-operation (NOP) logger implementation
> SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
> details.
> log4j:WARN No appenders could be found for logger 
> (org.apache.htrace.core.Tracer).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
> info.
> The alias usersync.ssl.key.password already exists!! Will try to delete first.
> FOUND value of [interactive] field in the Class 
> [org.apache.hadoop.security.alias.CredentialShell] = [true]
> Deleting credential: usersync.ssl.key.password from CredentialProvider: 
> jceks://file/opt/ranger-2.2.0-usersync/conf/rangerusersync.jceks
> Credential usersync.ssl.key.password has been successfully deleted. {code}
> By looking at the assembly file(usersync.xml), I found that slf4j-log4j12 
> dependency is missing



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Updated] (RANGER-3774) The usersync lack dependency in

[Binhua Hu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-3774?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Binhua Hu updated RANGER-3774:
--
Summary: The usersync lack dependency in   (was: The usersync packaged 
products lack dependency)

> The usersync lack dependency in 
> 
>
> Key: RANGER-3774
> URL: https://issues.apache.org/jira/browse/RANGER-3774
> Project: Ranger
>  Issue Type: Improvement
>  Components: usersync
>Affects Versions: 2.2.0
>Reporter: Binhua Hu
>Priority: Major
>
> When I execute the setup.sh script in usersync's execution directory, the 
> error is as follows,
> {code:java}
> // INFO: moving [/opt/usersync/conf/java_home.sh] to 
> [/opt/usersync/conf/.java_home.sh.24052022154528] ...
> Direct Key not found:SYNC_GROUP_USER_MAP_SYNC_ENABLED
> Direct Key not found:hadoop_conf
> Direct Key not found:ranger_base_dir
> Direct Key not found:USERSYNC_PID_DIR_PATH
> Direct Key not found:rangerUsersync_password
> [I] ranger.usersync.ldap.ldapbindpassword property is verified.
> SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
> SLF4J: Defaulting to no-operation (NOP) logger implementation
> SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
> details.
> log4j:WARN No appenders could be found for logger 
> (org.apache.htrace.core.Tracer).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
> info.
> The alias usersync.ssl.key.password already exists!! Will try to delete first.
> FOUND value of [interactive] field in the Class 
> [org.apache.hadoop.security.alias.CredentialShell] = [true]
> Deleting credential: usersync.ssl.key.password from CredentialProvider: 
> jceks://file/opt/ranger-2.2.0-usersync/conf/rangerusersync.jceks
> Credential usersync.ssl.key.password has been successfully deleted. {code}
> By looking at the assembly file(usersync.xml), I found that slf4j-log4j12 
> dependency is missing



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Re: Review Request 73992: RANGER-3767 : Add text message in HDFS and YARN policy pages to highlight the fallback ACL option.

[Mehul Parikh]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73992/#review224465
---


Ship it!




Ship It!

- Mehul Parikh


On May 18, 2022, 1:28 p.m., Dhaval Rajpara wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73992/
> ---
> 
> (Updated May 18, 2022, 1:28 p.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, 
> Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep 
> Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3767
> https://issues.apache.org/jira/browse/RANGER-3767
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> HDFS and YARN policy pages need to show a text message highlighting the 
> fallback ACL option. By default, fallback is enabled for these components. 
> Showing this message in policy page will allow customers to understand the 
> behavior better and decide.
> 
> Message could be something like below.
> 
> "By default, fallback to [HDFS|Yarn] ACLs are enabled. If access cannot be 
> determined by Ranger policies, authorization will fall back to [HDFS|Yarn] 
> ACLs. If this behavior needs to be changed, modify [HDFS plugin config|Yarn 
> plugin config]"
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/webapp/scripts/utils/XAEnums.js 6407b68f3 
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 37b35d2dd 
>   
> security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js
>  d7ff26da1 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  af7c70a80 
>   
> security-admin/src/main/webapp/templates/policies/RangerPolicyTableLayout_tmpl.html
>  d1ca2a94c 
> 
> 
> Diff: https://reviews.apache.org/r/73992/diff/1/
> 
> 
> Testing
> ---
> 
> Tested that message display properly with HDFS and YARN base policy listing 
> page with there config name.
> 
> 
> Thanks,
> 
> Dhaval Rajpara
> 
>

Re: Review Request 73999: RANGER:3777 Execute permissions required in init scripts to run containers

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73999/#review224464
---


Ship it!




Ship It!

- Madhan Neethiraj


On May 25, 2022, 3:02 a.m., Abhishek  Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73999/
> ---
> 
> (Updated May 25, 2022, 3:02 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, 
> Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3777
> https://issues.apache.org/jira/browse/RANGER-3777
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The init scripts inside dev-support/ranger-docker/scripts do not have execute 
> permissions for owner. 
> Currently ranger and dependent services containers are failing due to absense 
> of required permissions.
> 
> 
> The patch also brings in changes from RANGER-3738 to ranger-2.3.
> 
> 
> Diffs
> -
> 
>   dev-support/ranger-docker/Dockerfile.ranger b11e72666 
>   dev-support/ranger-docker/Dockerfile.ranger-hadoop f25bc0d8d 
>   dev-support/ranger-docker/Dockerfile.ranger-hbase 5a2f056a9 
>   dev-support/ranger-docker/Dockerfile.ranger-hive 31afe33d9 
>   dev-support/ranger-docker/Dockerfile.ranger-kafka 83c41b277 
>   dev-support/ranger-docker/Dockerfile.ranger-knox bc78af9cc 
>   dev-support/ranger-docker/Dockerfile.ranger-tagsync 28dadd424 
>   dev-support/ranger-docker/Dockerfile.ranger-usersync ba7859ede 
>   dev-support/ranger-docker/README.md 248ab1fc9 
> 
> 
> Diff: https://reviews.apache.org/r/73999/diff/2/
> 
> 
> Testing
> ---
> 
> Tested locally.
> 
> 
> Thanks,
> 
> Abhishek  Kumar
> 
>

Re: Review Request 73999: RANGER:3777 Execute permissions required in init scripts to run containers

[Abhishek Kumar]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73999/
---

(Updated May 25, 2022, 3:02 a.m.)


Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-3777
https://issues.apache.org/jira/browse/RANGER-3777


Repository: ranger


Description
---

The init scripts inside dev-support/ranger-docker/scripts do not have execute 
permissions for owner. 
Currently ranger and dependent services containers are failing due to absense 
of required permissions.


The patch also brings in changes from RANGER-3738 to ranger-2.3.


Diffs (updated)
-

  dev-support/ranger-docker/Dockerfile.ranger b11e72666 
  dev-support/ranger-docker/Dockerfile.ranger-hadoop f25bc0d8d 
  dev-support/ranger-docker/Dockerfile.ranger-hbase 5a2f056a9 
  dev-support/ranger-docker/Dockerfile.ranger-hive 31afe33d9 
  dev-support/ranger-docker/Dockerfile.ranger-kafka 83c41b277 
  dev-support/ranger-docker/Dockerfile.ranger-knox bc78af9cc 
  dev-support/ranger-docker/Dockerfile.ranger-tagsync 28dadd424 
  dev-support/ranger-docker/Dockerfile.ranger-usersync ba7859ede 
  dev-support/ranger-docker/README.md 248ab1fc9 


Diff: https://reviews.apache.org/r/73999/diff/2/

Changes: https://reviews.apache.org/r/73999/diff/1-2/


Testing
---

Tested locally.


Thanks,

Abhishek  Kumar

Re: [VOTE] Release Apache Ranger version 2.3.0 - rc0

[PradeeP AgrawaL]

Thank-you Ramesh for putting the Apache Ranger 2.3.0 rc0.

+1 for the Apache Ranger 2.3.0 rc0.
Verified the build of Ranger from the source tar succeeded without any
issues.
Verified the upgrade from ranger 2.1 to 2.3 and existence of
policies/users/groups after the upgrade
Tested the crud operations of service / policies / users and groups

Thanks
Pradeep

On Wed, 25 May 2022 at 06:37, Abhishek Kumar 
wrote:

> Hi All,
>
> Verified clean build of ranger from the source tar file.
>
> ranger-admin and dependent services fail to startup in containers, raised a
> new JIRA to fix the issue here :
> https://issues.apache.org/jira/browse/RANGER-3777
>
> Review available at: https://reviews.apache.org/r/73999/
>
> Verified all containers start fine post applying the above patch from the
> review board.
>
> Thank you Ramesh for putting up ranger 2.3.0 - rc0.
>
> Thanks
> Abhishek
>
> On Tue, May 24, 2022 at 11:26 AM vishal suvagia
>  wrote:
>
> > Thank-you Ramesh for putting the Apache Ranger 2.3.0 rc0.
> >
> > +1 for the Apache Ranger 2.3.0 rc0.
> > clean build Ranger from the source tar succeeded without any issues.
> > verified hashes and signature matching the source file.
> > verified that Ranger Admin came up fine with basic crud operations for
> > service / policies.
> >
> > Thanks
> > Vishal Suvagia.
> >
> > On Friday, 20 May, 2022, 06:25:08 pm IST, Mehul Parikh <
> > xsme...@gmail.com> wrote:
> >
> >  +1 for Apache Ranger 2.3.0-rc0
> >
> >   - Verified signatures
> >   - Verified successful build
> >   - Verified install and start of Ranger with Postgres DB.
> >   - Verified CRUD of Policies / Services / Security Zones
> >
> >
> > Thanks and Regards,
> > Mehul Parikh
> >
> > On Fri, May 20, 2022 at 3:29 AM Ramesh Mani  wrote:
> >
> > > Dear Rangers,
> > >
> > > Apache Ranger 2.3.0 release candidate #0 is now available for a vote
> > within
> > > the dev community. Links to the release artifacts are given below.
> Please
> > > review and vote.
> > >
> > > The vote will be open for at least 72 hours or until necessary votes
> are
> > > reached.
> > >  [ ] +1 approve
> > >  [ ] +0 no opinion
> > >  [ ] -1 disapprove (and reason why)
> > >
> > > Thanks,
> > > Ramesh
> > >
> > > List of all issues / improvements addressed in this release:
> > > https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> > > status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
> > >
> > > Git tag for the release:
> > > https://github.com/apache/ranger/tree/release-2.3.0-rc0
> > >
> > > Sources for the release:
> > >
> > >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz
> > >
> > > Source release verification:
> > >  PGP Signature:
> > >
> > >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.asc
> > >  SHA256 Hash:
> > >
> > >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha256
> > >  SHA512 Hash:
> > >
> > >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha512
> > >
> > > Keys to verify the signature of the release artifacts are available at:
> > > https://dist.apache.org/repos/dist/release/ranger/KEYS
> > >
> > > New features/enhancements:
> > >
> > > RANGER-2846 Add support for resource[volume, bucket, key] look up in
> > ozone
> > > plugin
> > > RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> > > RANGER-3023 Permission tab takes longer time to load with large number
> of
> > > users and group_users data
> > > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > > RANGER-3182 Prestosql is renamed to Trino
> > > RANGER-3221 Improve logging in Presto plugin
> > > RANGER-3276 Remove duplicate code from buildks.java
> > > RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> > > RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> > > RANGER-3298 Add coarse URI check for Hive Agent
> > > RANGER-3389 Swagger UI Support for Ranger REST API
> > > RANGER-3435 Add unique index on guid, service and zone_id column of
> > > x_policy table
> > > RANGER-3439 Add rest api to get or delete ranger policy based on guid
> > > RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect
> to
> > > knox logout page
> > > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > > RANGER-3475 Promote TagRest endpoints to /public/v2
> > > RANGER-3487 Update underscore js with latest version.
> > > RANGER-3493 Add unique index on service and resource_signature column
> of
> > > x_policy table
> > > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > > RANGER-3504 Create framework to execute DB patch dependent on Java
> patch.
> > > RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> > > RANGER-3511 Create Java patch to update policy resource-signature to
> > unique
> > > value.
> > > RANGER-3512 Create Java patch to update policy guid to unique value.
> > > RANGER-3515 Enhance Ranger Java client SSL 

[jira] [Commented] (RANGER-3772) Add dnsjava-2.1.7 dependency for trino plugin

[Aakash Nand (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17541778#comment-17541778
 ] 

Aakash Nand commented on RANGER-3772:
-

[~rmani] thank you for the comment, I have filled in the other details. 

> Add dnsjava-2.1.7 dependency for trino plugin 
> --
>
> Key: RANGER-3772
> URL: https://issues.apache.org/jira/browse/RANGER-3772
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.3.0
>Reporter: Aakash Nand
>Priority: Critical
>  Labels: Trino
> Attachments: 
> 0001-RANGER-3772-Add-dnsjava-dependency-to-trino-plugin.patch
>
>
> The 2.3.0 version has upgraded the Hadoop dependency for various plugins and 
> the current Hadoop version 3.3.0 gives problems because of Illegal access 
> warnings. See
> https://issues.apache.org/jira/browse/HADOOP-17317
> To solve this trino plugin needs dnsjava-2.1.7 dependency. Following is the 
> log
>  
> {code:java}
> 2022-05-23T08:29:17.467Z ERROR main io.trino.server.Server Unable to create 
> injector, see the following errors:
> 1) Error injecting constructor, java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:44)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.lambda$create$0(RangerSystemAccessControlFactory.java:45)
> while locating 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl
> 1 error
> com.google.inject.CreationException: Unable to create injector, see the 
> following errors:
> 1) Error injecting constructor, java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:44)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.lambda$create$0(RangerSystemAccessControlFactory.java:45)
> while locating 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl
> 1 error
> at 
> com.google.inject.internal.Errors.throwCreationExceptionIfErrorsExist(Errors.java:543)
> at 
> com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:186)
> at 
> com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:109)
> at com.google.inject.Guice.createInjector(Guice.java:87)
> at io.airlift.bootstrap.Bootstrap.initialize(Bootstrap.java:262)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.create(RangerSystemAccessControlFactory.java:53)
> at 
> io.trino.security.AccessControlManager.createSystemAccessControl(AccessControlManager.java:182)
> at 
> java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
> at 
> java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948)
> at 
> java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
> at 
> java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
> at 
> java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
> at 
> java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at 
> java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
> at 
> io.trino.security.AccessControlManager.loadSystemAccessControl(AccessControlManager.java:151)
> at io.trino.server.Server.doStart(Server.java:135)
> at io.trino.server.Server.lambda$start$0(Server.java:80)
> at io.trino.$gen.Trino_37320220523_082857_1.run(Unknown Source)
> at io.trino.server.Server.start(Server.java:80)
> at io.trino.server.TrinoServer.main(TrinoServer.java:38)
> Caused by: java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:67)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl$$FastClassByGuice$$f94a7f6a.newInstance()
> at 
> com.google.inject.internal.DefaultConstructionProxyFactory$FastClassProxy.newInstance(DefaultConstructionProxyFactory.java:89)
> at 
> com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:114)
> at 
> com.google.inject.internal.ConstructorInjector.access$000(ConstructorInjector.java:32)
> at 
> com.google.inject.internal.ConstructorInjector$1.call(ConstructorInjector.java:98)
> at 
> com.google.inject.internal.ProvisionListenerStackCallback$Provision.provision(ProvisionListenerStackCallback.java:112)
> at io.airlift.bootstrap.LifeCycleModule.provision(LifeCycleModule.java:54)
> at 
> 

Re: Review Request 73997: RANGER-3772: Add dnsjava-2.1.7 dependency for trino plugin

[Aakash Nand]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73997/
---

(Updated May 25, 2022, 1:52 a.m.)


Review request for ranger and Ramesh Mani.


Bugs: RANGER-3772
https://issues.apache.org/jira/browse/RANGER-3772


Repository: ranger


Description
---

The 2.3.0 version has upgraded the Hadoop dependency for various plugins and 
the current Hadoop version 3.3.0 gives problems because of Illegal access 
warnings. See

https://issues.apache.org/jira/browse/HADOOP-17317

To solve this trino plugin needs dnsjava-2.1.7 dependency


Diffs
-

  distro/src/main/assembly/plugin-trino.xml 540088e1f 
  plugin-trino/pom.xml 741ef337e 
  pom.xml 7c793728c 


Diff: https://reviews.apache.org/r/73997/diff/1/


Testing
---


Thanks,

Aakash Nand

[jira] [Commented] (RANGER-3755) Build Plugin-Trino artifacts only with JDK 11

[William Lam (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17541771#comment-17541771
 ] 

William Lam commented on RANGER-3755:
-

Hi,

I tried using ranger-2.3.0 and ranger-3.0.0 with "mvn clean compile package 
assembly:assembly -P ranger-trino-plugin" and "mvn clean compile package 
assembly:assembly -P ranger-jdk11" but still don't have trino tar in the target 
folder.

 

Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /opt/maven-3.6.3
Java version: 11.0.15, vendor: Red Hat, Inc., runtime: 
/usr/lib/jvm/java-11-openjdk-11.0.15.0.10-2.el8_6.x86_64
Default locale: en, platform encoding: UTF-8
OS name: "linux", version: "4.18.0-348.20.1.el8_5.x86_64", arch: "amd64", 
family: "unix"

 

Could you advise how to build the project?

> Build Plugin-Trino artifacts only with JDK 11
> -
>
> Key: RANGER-3755
> URL: https://issues.apache.org/jira/browse/RANGER-3755
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 3.0.0, 2.2.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 3.0.0, 2.3.0
>
>
> Plugin Trino needs jdk 11 and about to compile and build. In order to avoid 
> build issue in Apache Ranger when including Plugin Trino, we need to enable a 
> profile so that default build of Apache Ranger will use JDK 1.8 and Plugin 
> Trino and its artifacts can be build with JDK 11 profile.
> To build Plugin Trino artifacts following command can be executed.
>  mvn  clean compile package -P ranger-trino-plugin



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Re: [VOTE] Release Apache Ranger version 2.3.0 - rc0

[Abhishek Kumar]

Hi All,

Verified clean build of ranger from the source tar file.

ranger-admin and dependent services fail to startup in containers, raised a
new JIRA to fix the issue here :
https://issues.apache.org/jira/browse/RANGER-3777

Review available at: https://reviews.apache.org/r/73999/

Verified all containers start fine post applying the above patch from the
review board.

Thank you Ramesh for putting up ranger 2.3.0 - rc0.

Thanks
Abhishek

On Tue, May 24, 2022 at 11:26 AM vishal suvagia
 wrote:

> Thank-you Ramesh for putting the Apache Ranger 2.3.0 rc0.
>
> +1 for the Apache Ranger 2.3.0 rc0.
> clean build Ranger from the source tar succeeded without any issues.
> verified hashes and signature matching the source file.
> verified that Ranger Admin came up fine with basic crud operations for
> service / policies.
>
> Thanks
> Vishal Suvagia.
>
> On Friday, 20 May, 2022, 06:25:08 pm IST, Mehul Parikh <
> xsme...@gmail.com> wrote:
>
>  +1 for Apache Ranger 2.3.0-rc0
>
>   - Verified signatures
>   - Verified successful build
>   - Verified install and start of Ranger with Postgres DB.
>   - Verified CRUD of Policies / Services / Security Zones
>
>
> Thanks and Regards,
> Mehul Parikh
>
> On Fri, May 20, 2022 at 3:29 AM Ramesh Mani  wrote:
>
> > Dear Rangers,
> >
> > Apache Ranger 2.3.0 release candidate #0 is now available for a vote
> within
> > the dev community. Links to the release artifacts are given below. Please
> > review and vote.
> >
> > The vote will be open for at least 72 hours or until necessary votes are
> > reached.
> >  [ ] +1 approve
> >  [ ] +0 no opinion
> >  [ ] -1 disapprove (and reason why)
> >
> > Thanks,
> > Ramesh
> >
> > List of all issues / improvements addressed in this release:
> > https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> > status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
> >
> > Git tag for the release:
> > https://github.com/apache/ranger/tree/release-2.3.0-rc0
> >
> > Sources for the release:
> >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz
> >
> > Source release verification:
> >  PGP Signature:
> >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.asc
> >  SHA256 Hash:
> >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha256
> >  SHA512 Hash:
> >
> >
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha512
> >
> > Keys to verify the signature of the release artifacts are available at:
> > https://dist.apache.org/repos/dist/release/ranger/KEYS
> >
> > New features/enhancements:
> >
> > RANGER-2846 Add support for resource[volume, bucket, key] look up in
> ozone
> > plugin
> > RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> > RANGER-3023 Permission tab takes longer time to load with large number of
> > users and group_users data
> > RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> > RANGER-3182 Prestosql is renamed to Trino
> > RANGER-3221 Improve logging in Presto plugin
> > RANGER-3276 Remove duplicate code from buildks.java
> > RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> > RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> > RANGER-3298 Add coarse URI check for Hive Agent
> > RANGER-3389 Swagger UI Support for Ranger REST API
> > RANGER-3435 Add unique index on guid, service and zone_id column of
> > x_policy table
> > RANGER-3439 Add rest api to get or delete ranger policy based on guid
> > RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
> > knox logout page
> > RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> > RANGER-3475 Promote TagRest endpoints to /public/v2
> > RANGER-3487 Update underscore js with latest version.
> > RANGER-3493 Add unique index on service and resource_signature column of
> > x_policy table
> > RANGER-3498 RANGER : Remove log4j1 dependencies.
> > RANGER-3504 Create framework to execute DB patch dependent on Java patch.
> > RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> > RANGER-3511 Create Java patch to update policy resource-signature to
> unique
> > value.
> > RANGER-3512 Create Java patch to update policy guid to unique value.
> > RANGER-3515 Enhance Ranger Java client SSL config to be configured using
> > serviceType and AppId
> > RANGER-3518 Limit the query size stored in Audit logs
> > RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
> > 6797
> > RANGER-3526 policy evaluation ordering to use name as secondary sorting
> key
> > RANGER-3533 Provide sorting on columns throughout the audits result set
> and
> > policy listing page.
> > RANGER-3538 Reduce the granularity of locking when building/retrieving a
> > policy-engine within Ranger admin service
> > RANGER-3539 Add jacoco-maven-plugin for code coverage
> > RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> > RANGER-3545 Remove Logger Checks for 

Re: Review Request 73999: RANGER:3777 Execute permissions required in init scripts to run containers

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73999/#review224463
---




dev-support/ranger-docker/README.md
Lines 31 (patched)


Steps #3 and #4 are covered by #5 earlier. Earlier approach enables 
building Ranger in a clean build env i.e.. with sources from specific branch by 
ignoring changes in local git repo (by setting BUILD_HOST_SRC=false).

I think the new steps can be added as an option in README, but shouldn't 
replace existing one.


- Madhan Neethiraj


On May 25, 2022, 12:01 a.m., Abhishek  Kumar wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73999/
> ---
> 
> (Updated May 25, 2022, 12:01 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, 
> Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3777
> https://issues.apache.org/jira/browse/RANGER-3777
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> The init scripts inside dev-support/ranger-docker/scripts do not have execute 
> permissions for owner. 
> Currently ranger and dependent services containers are failing due to absense 
> of required permissions.
> 
> 
> The patch also brings in changes from RANGER-3738 to ranger-2.3.
> 
> 
> Diffs
> -
> 
>   dev-support/ranger-docker/Dockerfile.ranger b11e72666 
>   dev-support/ranger-docker/Dockerfile.ranger-hadoop f25bc0d8d 
>   dev-support/ranger-docker/Dockerfile.ranger-hbase 5a2f056a9 
>   dev-support/ranger-docker/Dockerfile.ranger-hive 31afe33d9 
>   dev-support/ranger-docker/Dockerfile.ranger-kafka 83c41b277 
>   dev-support/ranger-docker/Dockerfile.ranger-knox bc78af9cc 
>   dev-support/ranger-docker/Dockerfile.ranger-tagsync 28dadd424 
>   dev-support/ranger-docker/Dockerfile.ranger-usersync ba7859ede 
>   dev-support/ranger-docker/README.md 248ab1fc9 
> 
> 
> Diff: https://reviews.apache.org/r/73999/diff/1/
> 
> 
> Testing
> ---
> 
> Tested locally.
> 
> 
> Thanks,
> 
> Abhishek  Kumar
> 
>

[jira] [Updated] (RANGER-3777) Fix execute permissions for all docker init scripts

[Abhishek Kumar (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-3777?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhishek Kumar updated RANGER-3777:
---
Affects Version/s: 2.3.0
   (was: 2.2.0)

> Fix execute permissions for all docker init scripts  
> -
>
> Key: RANGER-3777
> URL: https://issues.apache.org/jira/browse/RANGER-3777
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.3.0
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 2.3.0
>
>
> Currently all init scripts inside dev-support/ranger-docker/scripts don't 
> have execute permissions necessary to launch the services from containers. 
> The fix is to include the permissions in respective Dockerfiles.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Commented] (RANGER-3777) Fix execute permissions for all docker init scripts

[Abhishek Kumar (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17541761#comment-17541761
 ] 

Abhishek Kumar commented on RANGER-3777:


[In Review|https://reviews.apache.org/r/73999/]

> Fix execute permissions for all docker init scripts  
> -
>
> Key: RANGER-3777
> URL: https://issues.apache.org/jira/browse/RANGER-3777
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 2.3.0
>
>
> Currently all init scripts inside dev-support/ranger-docker/scripts don't 
> have execute permissions necessary to launch the services from containers. 
> The fix is to include the permissions in respective Dockerfiles.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Review Request 73999: RANGER:3777 Execute permissions required in init scripts to run containers

[Abhishek Kumar]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73999/
---

Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, 
Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-3777
https://issues.apache.org/jira/browse/RANGER-3777


Repository: ranger


Description
---

The init scripts inside dev-support/ranger-docker/scripts do not have execute 
permissions for owner. 
Currently ranger and dependent services containers are failing due to absense 
of required permissions.


The patch also brings in changes from RANGER-3738 to ranger-2.3.


Diffs
-

  dev-support/ranger-docker/Dockerfile.ranger b11e72666 
  dev-support/ranger-docker/Dockerfile.ranger-hadoop f25bc0d8d 
  dev-support/ranger-docker/Dockerfile.ranger-hbase 5a2f056a9 
  dev-support/ranger-docker/Dockerfile.ranger-hive 31afe33d9 
  dev-support/ranger-docker/Dockerfile.ranger-kafka 83c41b277 
  dev-support/ranger-docker/Dockerfile.ranger-knox bc78af9cc 
  dev-support/ranger-docker/Dockerfile.ranger-tagsync 28dadd424 
  dev-support/ranger-docker/Dockerfile.ranger-usersync ba7859ede 
  dev-support/ranger-docker/README.md 248ab1fc9 


Diff: https://reviews.apache.org/r/73999/diff/1/


Testing
---

Tested locally.


Thanks,

Abhishek  Kumar

[jira] [Created] (RANGER-3777) Fix execute permissions for all docker init scripts

[Abhishek Kumar (Jira)]

Abhishek Kumar created RANGER-3777:
--

 Summary: Fix execute permissions for all docker init scripts  
 Key: RANGER-3777
 URL: https://issues.apache.org/jira/browse/RANGER-3777
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 2.2.0
Reporter: Abhishek Kumar
Assignee: Abhishek Kumar
 Fix For: 2.3.0


Currently all init scripts inside dev-support/ranger-docker/scripts don't have 
execute permissions necessary to launch the services from containers. 

The fix is to include the permissions in respective Dockerfiles.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Commented] (RANGER-3772) Add dnsjava-2.1.7 dependency for trino plugin

[Ramesh Mani (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17541672#comment-17541672
 ] 

Ramesh Mani commented on RANGER-3772:
-

[~aakashnand]  Please include "ranger" group and Bug details in the request. In 
this way ranger team members will also take a look at it for review and 
approval. Please check other review request to see the fields that are filled. 
Thanks.

> Add dnsjava-2.1.7 dependency for trino plugin 
> --
>
> Key: RANGER-3772
> URL: https://issues.apache.org/jira/browse/RANGER-3772
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.3.0
>Reporter: Aakash Nand
>Priority: Critical
>  Labels: Trino
> Attachments: 
> 0001-RANGER-3772-Add-dnsjava-dependency-to-trino-plugin.patch
>
>
> The 2.3.0 version has upgraded the Hadoop dependency for various plugins and 
> the current Hadoop version 3.3.0 gives problems because of Illegal access 
> warnings. See
> https://issues.apache.org/jira/browse/HADOOP-17317
> To solve this trino plugin needs dnsjava-2.1.7 dependency. Following is the 
> log
>  
> {code:java}
> 2022-05-23T08:29:17.467Z ERROR main io.trino.server.Server Unable to create 
> injector, see the following errors:
> 1) Error injecting constructor, java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:44)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.lambda$create$0(RangerSystemAccessControlFactory.java:45)
> while locating 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl
> 1 error
> com.google.inject.CreationException: Unable to create injector, see the 
> following errors:
> 1) Error injecting constructor, java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:44)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.lambda$create$0(RangerSystemAccessControlFactory.java:45)
> while locating 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl
> 1 error
> at 
> com.google.inject.internal.Errors.throwCreationExceptionIfErrorsExist(Errors.java:543)
> at 
> com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:186)
> at 
> com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:109)
> at com.google.inject.Guice.createInjector(Guice.java:87)
> at io.airlift.bootstrap.Bootstrap.initialize(Bootstrap.java:262)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.create(RangerSystemAccessControlFactory.java:53)
> at 
> io.trino.security.AccessControlManager.createSystemAccessControl(AccessControlManager.java:182)
> at 
> java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
> at 
> java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948)
> at 
> java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
> at 
> java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
> at 
> java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
> at 
> java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
> at 
> java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
> at 
> io.trino.security.AccessControlManager.loadSystemAccessControl(AccessControlManager.java:151)
> at io.trino.server.Server.doStart(Server.java:135)
> at io.trino.server.Server.lambda$start$0(Server.java:80)
> at io.trino.$gen.Trino_37320220523_082857_1.run(Unknown Source)
> at io.trino.server.Server.start(Server.java:80)
> at io.trino.server.TrinoServer.main(TrinoServer.java:38)
> Caused by: java.lang.RuntimeException: 
> java.lang.reflect.InvocationTargetException
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.(RangerSystemAccessControl.java:67)
> at 
> org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl$$FastClassByGuice$$f94a7f6a.newInstance()
> at 
> com.google.inject.internal.DefaultConstructionProxyFactory$FastClassProxy.newInstance(DefaultConstructionProxyFactory.java:89)
> at 
> com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:114)
> at 
> com.google.inject.internal.ConstructorInjector.access$000(ConstructorInjector.java:32)
> at 
> com.google.inject.internal.ConstructorInjector$1.call(ConstructorInjector.java:98)
> at 
> 

Re: [VOTE] Release Apache Ranger version 2.3.0 - rc0

[vishal suvagia]

Thank-you Ramesh for putting the Apache Ranger 2.3.0 rc0.

+1 for the Apache Ranger 2.3.0 rc0.
clean build Ranger from the source tar succeeded without any issues.
verified hashes and signature matching the source file.
verified that Ranger Admin came up fine with basic crud operations for service 
/ policies.

Thanks
Vishal Suvagia. 

On Friday, 20 May, 2022, 06:25:08 pm IST, Mehul Parikh  
wrote:  
 
 +1 for Apache Ranger 2.3.0-rc0

  - Verified signatures
  - Verified successful build
  - Verified install and start of Ranger with Postgres DB.
  - Verified CRUD of Policies / Services / Security Zones


Thanks and Regards,
Mehul Parikh

On Fri, May 20, 2022 at 3:29 AM Ramesh Mani  wrote:

> Dear Rangers,
>
> Apache Ranger 2.3.0 release candidate #0 is now available for a vote within
> the dev community. Links to the release artifacts are given below. Please
> review and vote.
>
> The vote will be open for at least 72 hours or until necessary votes are
> reached.
>  [ ] +1 approve
>  [ ] +0 no opinion
>  [ ] -1 disapprove (and reason why)
>
> Thanks,
> Ramesh
>
> List of all issues / improvements addressed in this release:
> https://issues.apache.org/jira/issues/?jql=project=RANGER AND
> status=Resolved AND fixVersion=2.3.0 ORDER BY key DESC
>
> Git tag for the release:
> https://github.com/apache/ranger/tree/release-2.3.0-rc0
>
> Sources for the release:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz
>
> Source release verification:
>  PGP Signature:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.asc
>  SHA256 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha256
>  SHA512 Hash:
>
> https://dist.apache.org/repos/dist/dev/ranger/2.3.0-rc0/apache-ranger-2.3.0.tar.gz.sha512
>
> Keys to verify the signature of the release artifacts are available at:
> https://dist.apache.org/repos/dist/release/ranger/KEYS
>
> New features/enhancements:
>
> RANGER-2846 Add support for resource[volume, bucket, key] look up in ozone
> plugin
> RANGER-2967 Add support for Amazon CloudWatch Logs as an Audit Store
> RANGER-3023 Permission tab takes longer time to load with large number of
> users and group_users data
> RANGER-3030 Replace Findbugs with Spotbugs maven plugin
> RANGER-3182 Prestosql is renamed to Trino
> RANGER-3221 Improve logging in Presto plugin
> RANGER-3276 Remove duplicate code from buildks.java
> RANGER-3290 ArrayIndexOutOfBoundsException if solr is down
> RANGER-3299 Upgrading the bouncycastle version for bcprov-jdk15on
> RANGER-3298 Add coarse URI check for Hive Agent
> RANGER-3389 Swagger UI Support for Ranger REST API
> RANGER-3435 Add unique index on guid, service and zone_id column of
> x_policy table
> RANGER-3439 Add rest api to get or delete ranger policy based on guid
> RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to
> knox logout page
> RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8
> RANGER-3475 Promote TagRest endpoints to /public/v2
> RANGER-3487 Update underscore js with latest version.
> RANGER-3493 Add unique index on service and resource_signature column of
> x_policy table
> RANGER-3498 RANGER : Remove log4j1 dependencies.
> RANGER-3504 Create framework to execute DB patch dependent on Java patch.
> RANGER-3510 Ranger upgrade spring framework version to 5.3.12
> RANGER-3511 Create Java patch to update policy resource-signature to unique
> value.
> RANGER-3512 Create Java patch to update policy guid to unique value.
> RANGER-3515 Enhance Ranger Java client SSL config to be configured using
> serviceType and AppId
> RANGER-3518 Limit the query size stored in Audit logs
> RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC
> 6797
> RANGER-3526 policy evaluation ordering to use name as secondary sorting key
> RANGER-3533 Provide sorting on columns throughout the audits result set and
> policy listing page.
> RANGER-3538 Reduce the granularity of locking when building/retrieving a
> policy-engine within Ranger admin service
> RANGER-3539 Add jacoco-maven-plugin for code coverage
> RANGER-3540 Add support to read audit logs from Amazon CloudWatch
> RANGER-3545 Remove Logger Checks for Info Enabled
> RANGER-3548 Update performance engine test scripts
> RANGER-3550 support for using user/tag attributes in row-filter expressions
> and conditions
> RANGER-3551 Analyze & optimize module permissions related API
> RANGER-3553 Unit test coverage for XUserMgr and UserMgr class
> RANGER-3556 Ranger tagsync logs unnecessary messages
> RANGER-3561 Upgrade Storm version to 1.2.4
> RANGER-3562 Redesign post commit tasks for updating ref-tables when
> policy/role is updated
> RANGER-3565 RangerRESTClient to support retry
> RANGER-3567 support for use of user attributes in policy resources
> RANGER-3569 Support Ranger KMS integration with Google cloud HSM
> RANGER-3573 Add vim in docker base image
> RANGER-3577 RANGER : Upgrade POI 

[GitHub] [ranger] cgkbfrd opened a new pull request, #149: make control to create schema

[GitBox]

cgkbfrd opened a new pull request, #149:
URL: https://github.com/apache/ranger/pull/149

   I cannot understand why to control schema in catalog level，that means user 
can not control to create scehma in scehma level. so I change the control level 
of create schema.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@ranger.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (RANGER-3776) upgrade_admin.py is broken

[kirby zhou (Jira)]

kirby zhou created RANGER-3776:
--

 Summary: upgrade_admin.py is broken
 Key: RANGER-3776
 URL: https://issues.apache.org/jira/browse/RANGER-3776
 Project: Ranger
  Issue Type: Bug
  Components: admin
Affects Versions: 3.0.0, 2.3.0
Reporter: kirby zhou


As  described in security-admin/scripts/upgrade.sh, upgrade_admin.py should 
generate install configuration based on the current installation. But it seems 
broken now.

It want to read a lot of non-exsit conf files under /etc/ranger/admin/, such as 
 * /etc/ranger/admin/conf/xa_system.properties
 * /etc/ranger/admin/conf/xa_ldap.properties
 * /etc/ranger/admin/conf/ranger_jaas/unixauth.properties
 * /etc/ranger/admin/conf/ranger_webserver.properties

 

 



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Created] (RANGER-3775) Logback.xml has been incorrectly modified by RANGER-3704.

[kirby zhou (Jira)]

kirby zhou created RANGER-3775:
--

 Summary: Logback.xml has been incorrectly modified by RANGER-3704.
 Key: RANGER-3775
 URL: https://issues.apache.org/jira/browse/RANGER-3775
 Project: Ranger
  Issue Type: Bug
  Components: admin
Reporter: kirby zhou


{code:java}
git show 361f179249 | filterdiff -i '*/logback.xml'
diff --git a/security-admin/src/main/webapp/WEB-INF/logback.xml 
b/security-admin/src/main/webapp/WEB-INF/logback.xml
index 997f3bc59..53cdc49cf 100644
--- a/security-admin/src/main/webapp/WEB-INF/logback.xml
+++ b/security-admin/src/main/webapp/WEB-INF/logback.xml
@@ -80,7 +80,7 @@
   
     
   
-  
+  
     
   
    {code}
These changes seems not related to the issue RANGER-3704.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Commented] (RANGER-3774) The usersync packaged products lack dependency

[Binhua Hu (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-3774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17541346#comment-17541346
 ] 

Binhua Hu commented on RANGER-3774:
---

I suggest adding slf4j-log4j12 dependency to the 2.2.0 version

> The usersync packaged products lack dependency
> --
>
> Key: RANGER-3774
> URL: https://issues.apache.org/jira/browse/RANGER-3774
> Project: Ranger
>  Issue Type: Improvement
>  Components: usersync
>Affects Versions: 2.2.0
>Reporter: Binhua Hu
>Priority: Major
>
> When I execute the setup.sh script in usersync's execution directory, the 
> error is as follows,
> {code:java}
> // INFO: moving [/opt/usersync/conf/java_home.sh] to 
> [/opt/usersync/conf/.java_home.sh.24052022154528] ...
> Direct Key not found:SYNC_GROUP_USER_MAP_SYNC_ENABLED
> Direct Key not found:hadoop_conf
> Direct Key not found:ranger_base_dir
> Direct Key not found:USERSYNC_PID_DIR_PATH
> Direct Key not found:rangerUsersync_password
> [I] ranger.usersync.ldap.ldapbindpassword property is verified.
> SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
> SLF4J: Defaulting to no-operation (NOP) logger implementation
> SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
> details.
> log4j:WARN No appenders could be found for logger 
> (org.apache.htrace.core.Tracer).
> log4j:WARN Please initialize the log4j system properly.
> log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
> info.
> The alias usersync.ssl.key.password already exists!! Will try to delete first.
> FOUND value of [interactive] field in the Class 
> [org.apache.hadoop.security.alias.CredentialShell] = [true]
> Deleting credential: usersync.ssl.key.password from CredentialProvider: 
> jceks://file/opt/ranger-2.2.0-usersync/conf/rangerusersync.jceks
> Credential usersync.ssl.key.password has been successfully deleted. {code}
> By looking at the assembly file(usersync.xml), I found that slf4j-log4j12 
> dependency is missing



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Created] (RANGER-3774) The usersync packaged products lack dependency

[Binhua Hu (Jira)]

Binhua Hu created RANGER-3774:
-

 Summary: The usersync packaged products lack dependency
 Key: RANGER-3774
 URL: https://issues.apache.org/jira/browse/RANGER-3774
 Project: Ranger
  Issue Type: Improvement
  Components: usersync
Affects Versions: 2.2.0
Reporter: Binhua Hu


When I execute the setup.sh script in usersync's execution directory, the error 
is as follows,
{code:java}
// INFO: moving [/opt/usersync/conf/java_home.sh] to 
[/opt/usersync/conf/.java_home.sh.24052022154528] ...
Direct Key not found:SYNC_GROUP_USER_MAP_SYNC_ENABLED
Direct Key not found:hadoop_conf
Direct Key not found:ranger_base_dir
Direct Key not found:USERSYNC_PID_DIR_PATH
Direct Key not found:rangerUsersync_password
[I] ranger.usersync.ldap.ldapbindpassword property is verified.
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
details.
log4j:WARN No appenders could be found for logger 
(org.apache.htrace.core.Tracer).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
The alias usersync.ssl.key.password already exists!! Will try to delete first.
FOUND value of [interactive] field in the Class 
[org.apache.hadoop.security.alias.CredentialShell] = [true]
Deleting credential: usersync.ssl.key.password from CredentialProvider: 
jceks://file/opt/ranger-2.2.0-usersync/conf/rangerusersync.jceks
Credential usersync.ssl.key.password has been successfully deleted. {code}
By looking at the assembly file(usersync.xml), I found that slf4j-log4j12 
dependency is missing



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Review Request 73998: RANGER-3773: commons-cli is duplicated in agents-installer/pom.xml

[Kirby Zhou]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73998/
---

Review request for ranger, Bhavik Bavishi and Ramesh Mani.


Bugs: RANGER-3773
https://issues.apache.org/jira/browse/RANGER-3773


Repository: ranger


Description
---

maven can not build ranger-2.3.0 with following errors:

```
[WARNING] Some problems were encountered while building the effective model for 
org.apache.ranger:ranger-plugins-installer:jar:2.3.0
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
be unique: commons-cli:commons-cli:jar -> duplicate declaration of version 
${commons.cli.version} @ line 41, column 21

```


Diffs
-

  agents-installer/pom.xml 4bda29d8b47bae17c48e1349d8863655d48261c7 


Diff: https://reviews.apache.org/r/73998/diff/1/


Testing
---

Done


Thanks,

Kirby Zhou

[jira] [Created] (RANGER-3773) commons-cli is duplicated in agents-installer/pom.xml

[kirby zhou (Jira)]

kirby zhou created RANGER-3773:
--

 Summary: commons-cli is duplicated in agents-installer/pom.xml
 Key: RANGER-3773
 URL: https://issues.apache.org/jira/browse/RANGER-3773
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Affects Versions: 3.0.0, 2.3.0
Reporter: kirby zhou


maven can not build ranger-2.3.0 with following errors:
{code:java}
[WARNING] Some problems were encountered while building the effective model for 
org.apache.ranger:ranger-plugins-installer:jar:2.3.0
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
be unique: commons-cli:commons-cli:jar -> duplicate declaration of version 
${commons.cli.version} @ line 41, column 21
 {code}
{code:java}
]$ git blame agents-installer/pom.xml 
3c59734236 (Dilli Dorai Arumugam 2014-09-17 13:05:16 -0700  1) 
99c462d2c3 (Dilli Dorai Arumugam 2014-10-13 17:46:47 -0700  2) 
^7defc061d (Owen O'Malley        2014-08-14 13:48:58 -0700 18) http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/xsd/maven-4.0.0.xsd;>
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 19)     
4.0.0
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 20)     
ranger-plugins-installer
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 21)     
Installer Support Component
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 22)     
Security Plugins Installer
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 23)     
jar
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 24)     
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 25)         
org.apache.ranger
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 26)         
ranger
38f7cc98dd (Ramesh Mani          2022-05-19 09:39:38 -0700 27)         
2.3.0
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 28)         
..
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 29)     
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 30)     

4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 31)         

df5a95e1be (Colm O hEigeartaigh  2016-04-25 11:46:25 +0100 32)             
commons-cli
df5a95e1be (Colm O hEigeartaigh  2016-04-25 11:46:25 +0100 33)             
commons-cli
df5a95e1be (Colm O hEigeartaigh  2016-04-25 11:46:25 +0100 34)             
${commons.cli.version}
4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 35)         

35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 36)         

35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 37)             
org.apache.commons
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 38)             
commons-compress
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 39)             
${commons.compress.version}
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 40)         

35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 41)         

35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 42)             
commons-cli
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 43)             
commons-cli
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 44)             
${commons.cli.version}
35c8bc3923 (Ramesh Mani          2021-10-24 21:25:23 -0700 45)         

4bc45ee038 (Colm O hEigeartaigh  2016-01-26 11:06:27 -0500 46)     

^7defc061d (Owen O'Malley        2014-08-14 13:48:58 -0700 47) 
{code}



--
This message was sent by Atlassian Jira
(v8.20.7#820007)