Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-4043

[ugsync]Enumerate Groups will give error on executing 'getent group' command

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.0.0, 2.4.0
    • Ranger
    • None

    Description

      Currently in the Ranger usersync code for UnixUserSync the enumerate group option accepts group as comma separated values.
      Example:

      ranger.usersync.group.enumerate: true
ranger.usersync.group.enumerategroup: test_group1,test_group2

      However in the code
      ugsync/src/main/java/org/apache/ranger/process
      UnixUserGroupBuilder.java -> buildUnixGroupList()

      when enumerateGroups is set, the line:

      String[] cmd = new String[] {"bash", "-c", command + " '" + group + "'"};

      will create the command as:
      bash -c getent group <group_name> '<group_name>'

      bash -c getent group test_group1 'test_group1'

      which is an invalid command as getent takes one argument.
      This will return an exit-code 2 with error.

      Attachments

        Activity

          People

            fateh288 Fateh Singh
            abhishek.pal Abhishek Pal
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 50m
                50m