Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-12782

Handle file permissions for jceks file in umask 027

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.1.1
    • 2.1.2
    • None
    • None

    Description

      1. Handle : cd_access='a' for /etc/ranger/ (when jceks files are created)
        • Audit to DB fails in a case if Ranger is not installed on same host as that of component host.
        • For example Ranger is running on Host1 and Hiveserver2 is running on Host2. Then as /etc/ranger/<repository_name> gets created and has owner as hive user. However, due to umask setting /etc/ranger gets 750 permission with root:root as owner:group.
        • Due to this when hive user tries to read the jceks file to generate audits to DB - it gets permission denied error.
      2. rectifying ranger_audit_db passwd to be used while creating jceks for Ranger Audit DB

      Attachments

        1. AMBARI-12782.patch
          7 kB
          Gautam Borad

        Issue Links

          Activity

            People

              gautamborad Gautam Borad
              gautamborad Gautam Borad
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: