Major Description
If we run setup.sh in usersync a second time, the setup.py in usersync folder will change the permissions to 0750 and owner to ranger:ranger of hadoop core-site.xml. This will affect other software that needs to read core-site.xml, for example, hiveserver2 will fail to start because it does not have permission to read core-site.xml. Ranger should never change the permission or ownership of core-site.xml in hadoop conf dir.
The reason why the permissions and owner of core-site.xml are modified is because the following code in unixauthservice/scripts/setup.py
for dir in fixPermList: for root, dirs, files in os.walk(dir): os.chown(root, ownerId, groupId) os.chmod(root, 0755) for obj in dirs: dn = join(root, obj) os.chown(dn, ownerId, groupId) os.chmod(dn, 0755) for obj in files: fn = join(root, obj) os.chown(fn, ownerId, groupId) os.chmod(fn, 0750)
If we run setup.sh in usersync a second time, there will be a soft link of core-site.xml in /etc/ranger/usersync/conf. In the for loop, it will traverse to /etc/ranger/usersync/conf/core-site.xml, and use os.chown and os.chmod to change the permisson and ownership. We should unlink the soft link of core-site.xml before this for loop.
Attachments
Attachments
Issue Links
- links to
