[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17312665#comment-17312665
]
Hadoop QA commented on OOZIE-2779:
--
Testing JIRA OOZIE-2779
Cleaning local git workspace
{color:red}-1{color} Patch failed to apply to head of branch
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17312650#comment-17312650
]
Hadoop QA commented on OOZIE-2779:
--
PreCommit-OOZIE-Build started
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17312640#comment-17312640
]
Rentao Wu commented on OOZIE-2779:
--
This is still a security issue in oozie master. Can this patch be rebased and
merged in?
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16858582#comment-16858582
]
Julia Kinga Marton commented on OOZIE-2779:
---
[~abhishekbafna] can you pleae rebase your patch on top the actual master and
consider [~asalamon74]'s suggestion?
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16816068#comment-16816068
]
Hadoop QA commented on OOZIE-2779:
--
Testing JIRA OOZIE-2779
Cleaning local git workspace
{color:red}-1{color} Patch failed to apply to head of branch
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16816064#comment-16816064
]
Hadoop QA commented on OOZIE-2779:
--
PreCommit-OOZIE-Build started
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16816062#comment-16816062
]
Andras Salamon commented on OOZIE-2779:
---
I think it's a good idea to define the list of options independently for the
action types, but I'm not sure about calling {{toLowerCase()}}. What if a
program has both "-p" and "-P" options and we want to mask only one of them?
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16396448#comment-16396448
]
Hadoop QA commented on OOZIE-2779:
--
Testing JIRA OOZIE-2779
Cleaning local git workspace
{color:red}-1{color} Patch failed to apply to head of branch
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16396441#comment-16396441
]
Hadoop QA commented on OOZIE-2779:
--
PreCommit-OOZIE-Build started
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
>Priority: Major
> Labels: security
> Fix For: trunk
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15898409#comment-15898409
]
Abhishek Bafna commented on OOZIE-2779:
---
Testcase passed locally. Thanks.
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15895797#comment-15895797
]
Hadoop QA commented on OOZIE-2779:
--
Testing JIRA OOZIE-2779
Cleaning local git workspace
{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
.{color:green}+1{color} the patch does not introduce any @author tags
.{color:green}+1{color} the patch does not introduce any tabs
.{color:green}+1{color} the patch does not introduce any trailing spaces
.{color:green}+1{color} the patch does not introduce any line longer than
132
.{color:red}-1{color} the patch does not add/modify any testcase
{color:green}+1 RAT{color}
.{color:green}+1{color} the patch does not seem to introduce new RAT
warnings
{color:green}+1 JAVADOC{color}
.{color:green}+1{color} the patch does not seem to introduce new Javadoc
warnings
{color:green}+1 COMPILE{color}
.{color:green}+1{color} HEAD compiles
.{color:green}+1{color} patch compiles
.{color:green}+1{color} the patch does not seem to introduce new javac
warnings
{color:orange}0{color} There are [1] new bugs found in total that would be nice
to have fixed.
.{color:green}+1{color} There are no new bugs found in [server].
.{color:green}+1{color} There are no new bugs found in [client].
.{color:green}+1{color} There are no new bugs found in [core].
.{color:green}+1{color} There are no new bugs found in [docs].
.{color:green}+1{color} There are no new bugs found in
[hadooplibs/hadoop-utils-2].
.{color:green}+1{color} There are no new bugs found in [tools].
.{color:green}+1{color} There are no new bugs found in [examples].
.{color:green}+1{color} There are no new bugs found in [sharelib/streaming].
.{color:green}+1{color} There are no new bugs found in [sharelib/sqoop].
.{color:green}+1{color} There are no new bugs found in [sharelib/distcp].
.{color:orange}0{color} There are [1] new bugs found in [sharelib/oozie]
that would be nice to have fixed.
.You can find the FindBugs diff here: sharelib/oozie/findbugs-new.html
.{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog].
.{color:green}+1{color} There are no new bugs found in [sharelib/hive].
.{color:green}+1{color} There are no new bugs found in [sharelib/hive2].
.{color:green}+1{color} There are no new bugs found in [sharelib/pig].
.{color:green}+1{color} There are no new bugs found in [sharelib/spark].
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
.{color:green}+1{color} the patch does not change any JPA
Entity/Colum/Basic/Lob/Transient annotations
.{color:green}+1{color} the patch does not modify JPA files
{color:red}-1 TESTS{color}
.Tests run: 1890
.Tests failed: 0
.Tests errors: 1
.The patch failed the following testcases:
.
.Tests failing with errors:
. testJMXInstrumentation(org.apache.oozie.util.TestMetricsInstrumentation)
{color:green}+1 DISTRO{color}
.{color:green}+1{color} distro tarball builds with the patch
{color:red}*-1 Overall result, please check the reported -1(s)*{color}
The full output of the test-patch run is available at
. https://builds.apache.org/job/oozie-trunk-precommit-build/3669/
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch,
> OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15895424#comment-15895424
]
Hadoop QA commented on OOZIE-2779:
--
Testing JIRA OOZIE-2779
Cleaning local git workspace
{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
.{color:green}+1{color} the patch does not introduce any @author tags
.{color:green}+1{color} the patch does not introduce any tabs
.{color:green}+1{color} the patch does not introduce any trailing spaces
.{color:green}+1{color} the patch does not introduce any line longer than
132
.{color:red}-1{color} the patch does not add/modify any testcase
{color:green}+1 RAT{color}
.{color:green}+1{color} the patch does not seem to introduce new RAT
warnings
{color:green}+1 JAVADOC{color}
.{color:green}+1{color} the patch does not seem to introduce new Javadoc
warnings
{color:red}-1 COMPILE{color}
.{color:red}-1{color} HEAD does not compile
.{color:red}-1{color} patch does not compile
.{color:green}+1{color} the patch does not seem to introduce new javac
warnings
{color:orange}0{color} There are [1] new bugs found in total that would be nice
to have fixed.
.{color:green}+1{color} There are no new bugs found in [client].
.{color:green}+1{color} There are no new bugs found in [sharelib/hive].
.{color:green}+1{color} There are no new bugs found in [sharelib/sqoop].
.{color:green}+1{color} There are no new bugs found in [sharelib/spark].
.{color:green}+1{color} There are no new bugs found in [sharelib/streaming].
.{color:green}+1{color} There are no new bugs found in [sharelib/hive2].
.{color:orange}0{color} There are [1] new bugs found in [sharelib/oozie]
that would be nice to have fixed.
.You can find the FindBugs diff here: sharelib/oozie/findbugs-new.html
.{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog].
.{color:green}+1{color} There are no new bugs found in [sharelib/pig].
.{color:green}+1{color} There are no new bugs found in [sharelib/distcp].
.{color:green}+1{color} There are no new bugs found in [docs].
.{color:green}+1{color} There are no new bugs found in [server].
.{color:green}+1{color} There are no new bugs found in [core].
.{color:green}+1{color} There are no new bugs found in
[hadooplibs/hadoop-utils-2].
.{color:green}+1{color} There are no new bugs found in [examples].
.{color:green}+1{color} There are no new bugs found in [tools].
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
.{color:green}+1{color} the patch does not change any JPA
Entity/Colum/Basic/Lob/Transient annotations
.{color:green}+1{color} the patch does not modify JPA files
{color:red}-1 TESTS{color} - patch does not compile, cannot run testcases
{color:red}-1 DISTRO{color}
.{color:red}-1{color} distro tarball fails with the patch
{color:red}*-1 Overall result, please check the reported -1(s)*{color}
The full output of the test-patch run is available at
. https://builds.apache.org/job/oozie-trunk-precommit-build/3668/
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15895260#comment-15895260
]
Abhishek Bafna commented on OOZIE-2779:
---
Thanks [~rkanter] for the review and feedback. The approach looks good to me
and updated the patch accordingly. Thanks.
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch, OOZIE-2779-01.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15893602#comment-15893602
]
Robert Kanter commented on OOZIE-2779:
--
I don't have a good counterexample off the top of my head, but what if {{"-p"}}
is a non-password valid argument for some other component? Or becomes one in
the future? For instance, it could stand for "parallel" or something. So I
don't think we should block all {{"-p"}} args across all Action types. How
about we make {{printArgs}} take additional arguments for additional things to
mask?
{code:java}
public static void printArgs(String banner, String[] args, String... custom) {
...
for (String c : custom) {
if (arg.toLowerCase.contains(c)) {
maskNextArg = true;
}
}
...
{code}
Then in {{Hive2Action}}, we'd call:
{code:java}
LauncherMapper.printArgs("Beeline command arguments :", arguments.toArray(new
String[arguments.size()], "-p"));
{code}
And other Action types can add other arguments as necessary.
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (OOZIE-2779) Mask Hive2 action Beeline JDBC password
[
https://issues.apache.org/jira/browse/OOZIE-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15875887#comment-15875887
]
Abhishek Bafna commented on OOZIE-2779:
---
[~rkanter] can you please take a look?
> Mask Hive2 action Beeline JDBC password
> ---
>
> Key: OOZIE-2779
> URL: https://issues.apache.org/jira/browse/OOZIE-2779
> Project: Oozie
> Issue Type: Bug
> Components: action
>Reporter: Abhishek Bafna
>Assignee: Abhishek Bafna
> Labels: security
> Fix For: 5.0.0
>
> Attachments: OOZIE-2779-00.patch
>
>
> Hive2 Oozie launcher job prints the JDBC password into launcher stdout logs.
> {noformat}
> Beeline command arguments :
> -u
> jdbc:hive2://source-1:1/default
> -n
> ambari-qa
> -p
> DUMMY
> -d
> org.apache.hive.jdbc.HiveDriver
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
