AMBARI-14961. Ambari overwrites auth_to_local rules in core-site.xml (dlysnichenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/42945001 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/42945001 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/42945001 Branch: refs/heads/branch-dev-patch-upgrade Commit: 4294500105a3e7f12be3f14801dd319a6b95f489 Parents: dfff43d Author: Lisnichenko Dmitro <dlysniche...@hortonworks.com> Authored: Tue Feb 9 17:02:44 2016 +0200 Committer: Lisnichenko Dmitro <dlysniche...@hortonworks.com> Committed: Tue Feb 9 17:02:44 2016 +0200 ---------------------------------------------------------------------- .../ambari/server/controller/KerberosHelperImpl.java | 8 +++++++- .../KERBEROS/1.10.3-10/configuration/kerberos-env.xml | 14 ++++++++++++++ ambari-web/app/data/HDP2/site_properties.js | 7 +++++++ 3 files changed, 28 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/42945001/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java index fe1ba46..be6edc9 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java @@ -651,7 +651,13 @@ public class KerberosHelperImpl implements KerberosHelper { Map<String, Map<String, String>> kerberosConfigurations) throws AmbariException { - if (kerberosDescriptor != null) { + boolean processAuthToLocalRules = true; + Map<String, String> kerberosEnvProperties = existingConfigurations.get("kerberos-env"); + if(kerberosEnvProperties.containsKey("manage_auth_to_local")) { + processAuthToLocalRules = Boolean.valueOf(kerberosEnvProperties.get("manage_auth_to_local")); + } + + if (kerberosDescriptor != null && processAuthToLocalRules) { Set<String> authToLocalProperties; Set<String> authToLocalPropertiesToSet = new HashSet<String>(); http://git-wip-us.apache.org/repos/asf/ambari/blob/42945001/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml index 25a5533..a03dea6 100644 --- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml +++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml @@ -50,6 +50,20 @@ </property> <property> + <name>manage_auth_to_local</name> + <description> + Indicates whether the hadoop auth_to_local rules should be managed by Ambari or managed manually. + </description> + <value>true</value> + <display-name>Manage Hadoop auth_to_local rules</display-name> + <value-attributes> + <visible>true</visible> + <overridable>false</overridable> + <type>boolean</type> + </value-attributes> + </property> + + <property> <name>install_packages</name> <display-name>Install OS-specific Kerberos client package(s)</display-name> <description> http://git-wip-us.apache.org/repos/asf/ambari/blob/42945001/ambari-web/app/data/HDP2/site_properties.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/site_properties.js b/ambari-web/app/data/HDP2/site_properties.js index 385b1bf..3ea6c68 100644 --- a/ambari-web/app/data/HDP2/site_properties.js +++ b/ambari-web/app/data/HDP2/site_properties.js @@ -1491,6 +1491,13 @@ var hdp2properties = [ "index" : 13 }, { + "name": "manage_auth_to_local", + "serviceName": "KERBEROS", + "filename": "kerberos-env.xml", + "category": "Advanced kerberos-env", + "index" : 14 + }, + { "name": "admin_server_host", "serviceName": "KERBEROS", "filename": "kerberos-env.xml",