[
https://issues.apache.org/jira/browse/RANGER-802?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15154230#comment-15154230
]
Bolke de Bruin commented on RANGER-802:
---------------------------------------
I'm not sure what is going on. The patch I created in RANGER-827 and updated in
RANGER-847 include the old interface of reading /etc/passwd en the new
interface of using "getent". Both interfaces are tested and do rely on having a
functional system, ie. /etc/passwd exists and contains well known users and
"getent" works. All tests fail now including the ones that are using the old
code path.
The error happens here (last line is line 211, UnixUserGroupBuilder)
if (len < 2) {
continue;
}
String userName = tokens[0];
String userId = tokens[2];
String groupId = tokens[3];
This is old code. Obviously, I can update the code (and I should) to check for
len < 3 and that will fix the error most likely. However, I am suspicious of
why it happens. It basically means that /etc/passwd is of incorrect format but
also the output of "getent". This might be due to the fact the files are now
being read as "UTF-8", however it doesn't explain why it passed local tests
earlier and rangerqa.
I will create that patch that checks for len<3 and log to WARN the line if it
encounters any lines that do not match. Hopefully that will shed a bit more
light on this.
> HBase plugin: Implement the new methods added to MasterObservers Interface
> and mimic their implementation in Hbase AccessController
> -----------------------------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-802
> URL: https://issues.apache.org/jira/browse/RANGER-802
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 0.5.0
> Reporter: Alok Lal
> Assignee: Alok Lal
> Fix For: 0.6.0
>
> Attachments: 802.0.patch, 802.1.patch
>
>
> Following Hbase commits to their master have added new functionality around
> authorizing the listing and aborting of procedures.
> {code}
> * ed4c734 HBASE-14432 Procedure V2 - enforce ACL on procedure admin tasks
> (Stephen Yuan Jiang
> * f6be2f9 HBASE-14488 Procedure V2 - shell command to abort a procedure
> (Stephen Yuan Jiang)
> * 2350645 HBASE-14487 Procedure V2 - shell command to list all procedures
> (Stephen Yuan Jiang)
> * 5b7894f HBASE-14107 Administrative Task: Provide an API to List all
> procedures (Stephen Yuan Jiang)
> * 3341f13 HBASE-14108 Procedure V2 Administrative Task: provide an API to
> abort a procedure (Stephen Yuan Jiang)
> {code}
> Currently we build against hbase 1.1.0. As and when these get ported from
> master to 1.1.0 or if we move to newer versions of hbase then these new
> interface methods would show up not only as compile time issues but also as
> deviation between Ranger's Authorizer and HBase standard
> {{AccessController}}. This we should implement these methods in Ranger.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
