> On March 23, 2017, 4:12 a.m., Selvamohan Neethiraj wrote: > > security-admin/scripts/setup.sh > > Lines 1273 (patched) > > <https://reviews.apache.org/r/57865/diff/1/?file=1672499#file1672499line1273> > > > > Password Can be seen via Process List command > > > > Sending Password on the command will cause a security issue as other > > users in the box can find the password using process list commands such as > > 'ps -ef'. > > > > Consider using command similar to ... > > $ cat <<! > > ${unix_user}:${unix_user_pwd} > > ! | chpasswd
Ok. I fixed it and updated the patch. Thanks. - pengjianhua ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57865/#review169838 ----------------------------------------------------------- On March 23, 2017, 9:14 a.m., pengjianhua wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57865/ > ----------------------------------------------------------- > > (Updated March 23, 2017, 9:14 a.m.) > > > Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O > hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan > Neethiraj, Velmurugan Periasamy, and Qiang Zhang. > > > Bugs: RANGER-1467 > https://issues.apache.org/jira/browse/RANGER-1467 > > > Repository: ranger > > > Description > ------- > > The password is not set after the user is created by install program during > installing Ranger Policy Admin. The current logic is reasonable if the user > exists during installing Ranger Policy Admin. Based on current program logic > we can only use the new linx user according to as following methods: > 1. Set the new user password manually. > 2. Login system using root user. Then use su command to switch the new user. > Obviously, these steps increase the difficulty of the user to use the system > and reduce easy-using of the Ranger Policy Admin. > We should automatically set password for the new user after the user was > created like db user. > > > Diffs > ----- > > security-admin/scripts/install.properties f323c95 > security-admin/scripts/setup.sh 2e7752d > > > Diff: https://reviews.apache.org/r/57865/diff/2/ > > > Testing > ------- > > > Thanks, > > pengjianhua > >
