Lionel Cons created ZOOKEEPER-2843: -------------------------------------- Summary: auth_to_local should support reading rules from a file Key: ZOOKEEPER-2843 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843 Project: ZooKeeper Issue Type: Improvement Reporter: Lionel Cons
The current handling of {{zookeeper.security.auth_to_local}} in {{KerberosName.java}} only support rules given directly as the property value. These rules must therefore be given on the command line and: * must be escaped properly to avoid shell expansion * are visible in the {{ps}} output It would be much better to put these rules in a file and pass the file path as the property value. We would then use something like {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}. Note that using the {{file:}} prefix allows keeping backward compatibility. -- This message was sent by Atlassian JIRA (v6.4.14#64029)