Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-12782

Handle file permissions for jceks file in umask 027

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.1
    • Fix Version/s: 2.1.2
    • Component/s: None
    • Labels:
      None

      Description

      1. Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
        • Audit to DB fails in a case if Ranger is not installed on same host as that of component host.
        • For example Ranger is running on Host1 and Hiveserver2 is running on Host2. Then as /etc/ranger/<repository_name> gets created and has owner as hive user. However, due to umask setting /etc/ranger gets 750 permission with root:root as owner:group.
        • Due to this when hive user tries to read the jceks file to generate audits to DB - it gets permission denied error.
      2. rectifying ranger_audit_db passwd to be used while creating jceks for Ranger Audit DB

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                gautamborad Gautam Borad
                Reporter:
                gautamborad Gautam Borad
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: