[
https://issues.apache.org/jira/browse/IMPALA-7072?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16575621#comment-16575621
]
Alex Rodoni commented on IMPALA-7072:
-------------------------------------
[~sailesh] [~kwho] Doc this as a limitation?
> Kudu's kinit does not support auth_to_local rules with Heimdal kerberos
> -----------------------------------------------------------------------
>
> Key: IMPALA-7072
> URL: https://issues.apache.org/jira/browse/IMPALA-7072
> Project: IMPALA
> Issue Type: Bug
> Components: Security
> Affects Versions: Impala 2.12.0
> Reporter: Sailesh Mukil
> Assignee: Sailesh Mukil
> Priority: Critical
>
> On deployments that use Heimdal kerberos configured with 'auth_to_local'
> rules set, and with the Impala startup flag 'use_kudu_kinit'= true, the
> auth_to_local rules will not be respected as it's not supported with Kudu's
> kinit.
> The implication of this is that from Impala 2.12.0 onwards, clusters with the
> above configuration will not be able to use KRPC with kerberos enabled.
> A workaround is to get rid of the auth_to_local rules for such deployments.
> We need to have a good long term solution to fix this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org
For additional commands, e-mail: issues-all-h...@impala.apache.org
