ambari git commit: AMBARI-13763. ranger.audit.solr.zookeepers value should be suffixed with /ranger_audits

gautam Tue, 10 Nov 2015 21:17:56 -0800

Repository: ambari
Updated Branches:
  refs/heads/branch-2.1 cd20150a3 -> 3fed844be



AMBARI-13763. ranger.audit.solr.zookeepers value should be suffixed with 
/ranger_audits


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3fed844b
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3fed844b
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3fed844b

Branch: refs/heads/branch-2.1
Commit: 3fed844bea5b07d964bdca1cc39cbaec4025fd4c
Parents: cd20150
Author: Gautam Borad <gau...@apache.org>
Authored: Fri Nov 6 16:05:12 2015 +0530
Committer: Gautam Borad <gau...@apache.org>
Committed: Wed Nov 11 10:47:07 2015 +0530

----------------------------------------------------------------------
 .../RANGER/0.4.0/package/scripts/setup_ranger.py        |  2 +-
 .../RANGER_KMS/0.5.0.2.3/package/scripts/kms.py         | 12 ++++++++++++
 .../2.3/services/RANGER/configuration/ranger-env.xml    |  2 +-
 .../RANGER/configuration/ranger-ugsync-site.xml         |  2 +-
 .../resources/stacks/HDP/2.3/services/stack_advisor.py  |  9 +++++++--
 5 files changed, 22 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/3fed844b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger.py
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger.py
 
b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger.py
index 27bccdc..a571686 100644
--- 
a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger.py
+++ 
b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger.py
@@ -122,7 +122,7 @@ def check_db_connnection():
   if params.db_flavor.lower() == 'mysql':
     cmd = format('{sql_command_invoker} -u {db_root_user} 
--password={db_root_password!p} -h {db_host}  -s -e "select version();"')
   elif params.db_flavor.lower() == 'oracle':
-    cmd = format('{sql_command_invoker} 
{db_root_user}/{db_root_password!p}@{db_host} AS SYSDBA')
+    cmd = format("{sql_command_invoker} 
'{db_root_user}/\"{db_root_password}\"@{db_host}' AS SYSDBA")
     env_dict = {'ORACLE_HOME':params.oracle_home, 
'LD_LIBRARY_PATH':params.oracle_home}
   elif params.db_flavor.lower() == 'postgres':
     cmd = 'true'

http://git-wip-us.apache.org/repos/asf/ambari/blob/3fed844b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
 
b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
index c74b340..905ec1d 100755
--- 
a/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
+++ 
b/ambari-server/src/main/resources/common-services/RANGER_KMS/0.5.0.2.3/package/scripts/kms.py
@@ -35,12 +35,24 @@ from resource_management.libraries.functions.format import 
format
 from resource_management.libraries.functions.ranger_functions import 
Rangeradmin
 from resource_management.core.utils import PasswordString
 from resource_management.core.shell import as_sudo
+import re
+
+def password_validation(password, key):
+  import params
+  if password.strip() == "":
+    raise Fail("Blank password is not allowed for {0} property. Please enter 
valid password.".format(key))
+  if re.search("[\\\`'\"]",password):
+    raise Fail("{0} password contains one of the unsupported special 
characters like \" ' \ `".format(key))
+  else:
+    Logger.info("Password validated")
 
 def setup_kms_db():
   import params
 
   if params.has_ranger_admin:
 
+    password_validation(params.kms_master_key_password, 'KMS master key')
+
     File(params.downloaded_custom_connector,
       content = DownloadSource(params.driver_curl_source),
       mode = 0644

http://git-wip-us.apache.org/repos/asf/ambari/blob/3fed844b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
 
b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
index 8693c46..eec7436 100644
--- 
a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
+++ 
b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-env.xml
@@ -29,7 +29,7 @@
   <property>
     <name>create_db_dbuser</name>
     <value>true</value>
-    <display-name>Setup Database and Databse User</display-name>
+    <display-name>Setup Database and Database User</display-name>
     <description>If set to Yes, Ambari will create and setup Ranger Database 
and Database User. This will require to specify Database Admin user and 
password</description>
     <value-attributes>
       <type>value-list</type>

http://git-wip-us.apache.org/repos/asf/ambari/blob/3fed844b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-ugsync-site.xml
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-ugsync-site.xml
 
b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-ugsync-site.xml
index e878d3d..4f6399b 100644
--- 
a/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-ugsync-site.xml
+++ 
b/ambari-server/src/main/resources/stacks/HDP/2.3/services/RANGER/configuration/ranger-ugsync-site.xml
@@ -65,7 +65,7 @@
   <property>
     <name>ranger.usersync.enabled</name>
     <display-name>Enable User Sync</display-name>
-    <value>false</value>
+    <value>true</value>
     <description>Should users and groups be synchronized to Ranger Database? 
Required to setup Ranger policies</description>
     <value-attributes>
       <empty-value-valid>true</empty-value-valid>

http://git-wip-us.apache.org/repos/asf/ambari/blob/3fed844b/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py 
b/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
index 7d2b625..c7e8ebd 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.3/services/stack_advisor.py
@@ -416,7 +416,12 @@ class HDP23StackAdvisor(HDP22StackAdvisor):
     if isSolrCloudEnabled:
       zookeeper_host_port = self.getZKHostPortString(services)
       if zookeeper_host_port:
-        putRangerAdminProperty('ranger.audit.solr.zookeepers', 
zookeeper_host_port)
+        ranger_audit_zk_port = []
+        zk_hosts = zookeeper_host_port.split(',')
+        for zk_host in zk_hosts:
+          
ranger_audit_zk_port.append('{0}/{1}'.format(zk_host,'ranger_audits'))
+        ranger_audit_zk_port = ','.join(ranger_audit_zk_port)
+        putRangerAdminProperty('ranger.audit.solr.zookeepers', 
ranger_audit_zk_port)
     else:
       putRangerAdminProperty('ranger.audit.solr.zookeepers', 'NONE')
 
@@ -425,7 +430,7 @@ class HDP23StackAdvisor(HDP22StackAdvisor):
     if include_hdfs:
       if 'core-site' in services['configurations'] and ('fs.defaultFS' in 
services['configurations']['core-site']['properties']):
         default_fs = 
services['configurations']['core-site']['properties']['fs.defaultFS']
-        putRangerEnvProperty('xasecure.audit.destination.hdfs.dir', default_fs)
+        putRangerEnvProperty('xasecure.audit.destination.hdfs.dir', 
'{0}/{1}/{2}'.format(default_fs,'ranger','audit'))
 
     # Recommend Ranger supported service's audit properties
     ranger_services = [

ambari git commit: AMBARI-13763. ranger.audit.solr.zookeepers value should be suffixed with /ranger_audits

Reply via email to