ranger git commit: RANGER-1604:DB based auditing had been removed in RANGER-900. But some configurations and codes are not removed accordingly in Ranger Admin. It often makes the user feel confused such as RANGER-1286.

Mon, 12 Jun 2017 00:26:52 -0700 

Repository: ranger
Updated Branches:
  refs/heads/master 2814f71fa -> f2c4f90f0


RANGER-1604:DB based auditing had been removed in RANGER-900. But some 
configurations and codes are not removed accordingly in Ranger Admin. It often 
makes the user feel confused such as RANGER-1286.

Signed-off-by: zhangqiang2 <zhangqia...@zte.com.cn>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/f2c4f90f
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/f2c4f90f
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/f2c4f90f

Branch: refs/heads/master
Commit: f2c4f90f07f6cddc008b560aa361b5a0b1e04a00
Parents: 2814f71
Author: zhangqiang2 <zhangqia...@zte.com.cn>
Authored: Fri Jun 9 05:37:01 2017 -0400
Committer: zhangqiang2 <zhangqia...@zte.com.cn>
Committed: Mon Jun 12 03:24:39 2017 -0400

----------------------------------------------------------------------
 security-admin/scripts/install.properties |  6 +-
 security-admin/scripts/setup.sh           | 83 +-------------------------
 2 files changed, 2 insertions(+), 87 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/f2c4f90f/security-admin/scripts/install.properties
----------------------------------------------------------------------
diff --git a/security-admin/scripts/install.properties 
b/security-admin/scripts/install.properties
index 06a1b89..268b8ac 100644
--- a/security-admin/scripts/install.properties
+++ b/security-admin/scripts/install.properties
@@ -67,8 +67,7 @@ db_name=ranger
 db_user=rangeradmin
 db_password=
 
-#Source for Audit Store
-#audit_store=solr|db
+#Source for Audit Store. Currently only solr is supported.
 # * audit_store is solr
 audit_store=solr
 
@@ -77,9 +76,6 @@ audit_solr_urls=
 audit_solr_user=
 audit_solr_password=
 audit_solr_zookeepers=
-#audit_db_name=
-#audit_db_user=
-#audit_db_password=
 
 #------------------------- DB CONFIG - END ----------------------------------
 

http://git-wip-us.apache.org/repos/asf/ranger/blob/f2c4f90f/security-admin/scripts/setup.sh
----------------------------------------------------------------------
diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh
index ef61e8d..f49bb13 100755
--- a/security-admin/scripts/setup.sh
+++ b/security-admin/scripts/setup.sh
@@ -71,9 +71,6 @@ audit_solr_urls=$(get_prop 'audit_solr_urls' $PROPFILE)
 audit_solr_user=$(get_prop 'audit_solr_user' $PROPFILE)
 audit_solr_password=$(get_prop 'audit_solr_password' $PROPFILE)
 audit_solr_zookeepers=$(get_prop 'audit_solr_zookeepers' $PROPFILE)
-audit_db_name=''
-audit_db_user=''
-audit_db_password=''
 policymgr_external_url=$(get_prop 'policymgr_external_url' $PROPFILE)
 policymgr_http_enabled=$(get_prop 'policymgr_http_enabled' $PROPFILE)
 policymgr_https_keystore_file=$(get_prop 'policymgr_https_keystore_file' 
$PROPFILE)
@@ -238,11 +235,7 @@ init_variables(){
                        exit 1
                fi
        fi
-       if [ "${audit_store}" == "db" ] ;then
-               audit_db_name=$(get_prop 'audit_db_name' $PROPFILE)
-               audit_db_user=$(get_prop 'audit_db_user' $PROPFILE)
-               audit_db_password=$(get_prop 'audit_db_password' $PROPFILE)
-       fi
+
        db_ssl_enabled=`echo $db_ssl_enabled | tr '[:upper:]' '[:lower:]'`
        if [ "${db_ssl_enabled}" != "true" ]
        then
@@ -488,13 +481,6 @@ update_properties() {
                newPropertyValue="jdbc:log4jdbc:mysql://${DB_HOST}/${db_name}"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_ranger
 
-               if [ "${audit_store}" == "db" ]
-               then
-                       propertyName=ranger.jpa.audit.jdbc.url
-                       
newPropertyValue="jdbc:log4jdbc:mysql://${DB_HOST}/${audit_db_name}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-               fi
-
                propertyName=ranger.jpa.jdbc.dialect
                
newPropertyValue="org.eclipse.persistence.platform.database.MySQLPlatform"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
@@ -525,12 +511,6 @@ update_properties() {
                fi
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_ranger
 
-               if [ "${audit_store}" == "db" ]
-               then
-                       propertyName=ranger.jpa.audit.jdbc.url
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-               fi
-
                propertyName=ranger.jpa.jdbc.dialect
                
newPropertyValue="org.eclipse.persistence.platform.database.OraclePlatform"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
@@ -550,21 +530,12 @@ update_properties() {
        if [ "${DB_FLAVOR}" == "POSTGRES" ]
        then
                db_name=`echo ${db_name} | tr '[:upper:]' '[:lower:]'`
-               audit_db_name=`echo ${audit_db_name} | tr '[:upper:]' 
'[:lower:]'`
                db_user=`echo ${db_user} | tr '[:upper:]' '[:lower:]'`
-               audit_db_user=`echo ${audit_db_user} | tr '[:upper:]' 
'[:lower:]'`
 
                propertyName=ranger.jpa.jdbc.url
                newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_ranger
 
-               if [ "${audit_store}" == "db" ]
-               then
-                       propertyName=ranger.jpa.audit.jdbc.url
-                       
newPropertyValue="jdbc:postgresql://${DB_HOST}/${audit_db_name}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-               fi
-
                propertyName=ranger.jpa.jdbc.dialect
                
newPropertyValue="org.eclipse.persistence.platform.database.PostgreSQLPlatform"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
@@ -588,13 +559,6 @@ update_properties() {
                
newPropertyValue="jdbc:sqlserver://${DB_HOST};databaseName=${db_name}"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_ranger
 
-               if [ "${audit_store}" == "db" ]
-               then
-                       propertyName=ranger.jpa.audit.jdbc.url
-                       
newPropertyValue="jdbc:sqlserver://${DB_HOST};databaseName=${audit_db_name}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-               fi
-
                propertyName=ranger.jpa.jdbc.dialect
                
newPropertyValue="org.eclipse.persistence.platform.database.SQLServerPlatform"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
@@ -618,13 +582,6 @@ update_properties() {
                
newPropertyValue="jdbc:sqlanywhere:database=${db_name};host=${DB_HOST}"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_ranger
 
-               if [ "${audit_store}" == "db" ]
-               then
-                       propertyName=ranger.jpa.audit.jdbc.url
-                       
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${DB_HOST}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-               fi
-
                propertyName=ranger.jpa.jdbc.dialect
                
newPropertyValue="org.eclipse.persistence.platform.database.SQLAnywherePlatform"
                updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
@@ -672,12 +629,6 @@ update_properties() {
        newPropertyValue="${db_user}"
        updatePropertyToFilePy $propertyName $newPropertyValue $to_file_ranger
 
-       if [ "${audit_store}" == "db" ]
-       then
-               propertyName=ranger.jpa.audit.jdbc.user
-               newPropertyValue="${audit_db_user}"
-               updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-       fi
        ##########
 
        keystore="${cred_keystore_filename}"
@@ -723,38 +674,6 @@ update_properties() {
        fi
 
        ###########
-       if [ "${audit_store}" == "db" ]
-       then
-           audit_db_password_alias=ranger.auditdb.password
-
-           echo "Starting configuration for Audit DB credentials:"
-
-           if [ "${keystore}" != "" ]
-           then
-               $PYTHON_COMMAND_INVOKER ranger_credential_helper.py -l 
"cred/lib/*" -f "$keystore" -k "$audit_db_password_alias" -v 
"$audit_db_password" -c 1
-
-                       propertyName=ranger.jpa.audit.jdbc.credential.alias
-               newPropertyValue="${audit_db_password_alias}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-                       propertyName=ranger.jpa.audit.jdbc.password
-               newPropertyValue="_"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-           else
-                       propertyName=ranger.jpa.audit.jdbc.password
-               newPropertyValue="${audit_db_password}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-           fi
-
-           if test -f $keystore; then
-               chown -R ${unix_user}:${unix_group} ${keystore}
-               #echo "$keystore found."
-           else
-               #echo "$keystore not found. so use clear text password"
-                       propertyName=ranger.jpa.audit.jdbc.password
-               newPropertyValue="${audit_db_password}"
-                       updatePropertyToFilePy $propertyName $newPropertyValue 
$to_file_default
-           fi
-       fi
        if [ "${audit_store}" == "solr" ]
        then
                if [ "${audit_solr_zookeepers}" != "" ]

Reply via email to