[ https://issues.apache.org/jira/browse/IMPALA-7072?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16576340#comment-16576340 ]
Sailesh Mukil commented on IMPALA-7072: --------------------------------------- [~arodoni_cloudera] Yes that's right, as a limitation. > Kudu's kinit does not support auth_to_local rules with Heimdal kerberos > ----------------------------------------------------------------------- > > Key: IMPALA-7072 > URL: https://issues.apache.org/jira/browse/IMPALA-7072 > Project: IMPALA > Issue Type: Bug > Components: Security > Affects Versions: Impala 2.12.0 > Reporter: Sailesh Mukil > Assignee: Sailesh Mukil > Priority: Critical > > On deployments that use Heimdal kerberos configured with 'auth_to_local' > rules set, and with the Impala startup flag 'use_kudu_kinit'= true, the > auth_to_local rules will not be respected as it's not supported with Kudu's > kinit. > The implication of this is that from Impala 2.12.0 onwards, clusters with the > above configuration will not be able to use KRPC with kerberos enabled. > A workaround is to get rid of the auth_to_local rules for such deployments. > We need to have a good long term solution to fix this. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org