[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15180467#comment-15180467 ] Jeffrey E Rodriguez commented on AMBARI-12415: --- I have one concern with this solution which is that we are giving anonymous user "dr.who" yarn admin access. Seems to be like this would be a vulnerability. Wouldn't a better solution would be to turn on Console security? > Ambari should set dr. who in the admin acl by default in the secure cluster > --- > > Key: AMBARI-12415 > URL: https://issues.apache.org/jira/browse/AMBARI-12415 > Project: Ambari > Issue Type: Bug > Components: ambari-server >Affects Versions: 2.1.0 >Reporter: Jaimin D Jetly >Assignee: Jaimin D Jetly >Priority: Critical > Fix For: 2.1.1 > > Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, > kerberized cluster(with fix).png > > > In a secure cluster, user access the UI by default as dr. who. Since dr. who > by default is not allowed to view the app info, user cannot view the apps. > The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14627144#comment-14627144 ] Hudson commented on AMBARI-12415: - SUCCESS: Integrated in Ambari-branch-2.1 #226 (See [https://builds.apache.org/job/Ambari-branch-2.1/226/]) AMBARI-12415. Ambari should set dr. who in the admin acl by default in the secure cluster. (jaimin) (jaimin: http://git-wip-us.apache.org/repos/asf?p=ambari.gita=commith=f4dbcbae4d963440e6210331399134b6388f61cb) * ambari-server/src/main/resources/stacks/HDP/2.3/services/YARN/kerberos.json Ambari should set dr. who in the admin acl by default in the secure cluster --- Key: AMBARI-12415 URL: https://issues.apache.org/jira/browse/AMBARI-12415 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.1.0 Reporter: Jaimin D Jetly Assignee: Jaimin D Jetly Priority: Critical Fix For: 2.1.1 Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, kerberized cluster(with fix).png In a secure cluster, user access the UI by default as dr. who. Since dr. who by default is not allowed to view the app info, user cannot view the apps. The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14627108#comment-14627108 ] Hudson commented on AMBARI-12415: - SUCCESS: Integrated in Ambari-trunk-Commit #3117 (See [https://builds.apache.org/job/Ambari-trunk-Commit/3117/]) AMBARI-12415. Ambari should set dr. who in the admin acl by default in the secure cluster. (jaimin) (jaimin: http://git-wip-us.apache.org/repos/asf?p=ambari.gita=commith=86b7bb55eb3a5a7bf5902698b675ebeb10f5ef2f) * ambari-server/src/main/resources/stacks/HDP/2.3/services/YARN/kerberos.json Ambari should set dr. who in the admin acl by default in the secure cluster --- Key: AMBARI-12415 URL: https://issues.apache.org/jira/browse/AMBARI-12415 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.1.0 Reporter: Jaimin D Jetly Assignee: Jaimin D Jetly Priority: Critical Fix For: 2.1.1 Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, kerberized cluster(with fix).png In a secure cluster, user access the UI by default as dr. who. Since dr. who by default is not allowed to view the app info, user cannot view the apps. The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14626983#comment-14626983 ] Jaimin D Jetly commented on AMBARI-12415: - Patch has only json file metadata change and so no unit test included in the patch. Ambari should set dr. who in the admin acl by default in the secure cluster --- Key: AMBARI-12415 URL: https://issues.apache.org/jira/browse/AMBARI-12415 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.1.0 Reporter: Jaimin D Jetly Assignee: Jaimin D Jetly Priority: Critical Fix For: 2.1.1 Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, kerberized cluster(with fix).png In a secure cluster, user access the UI by default as dr. who. Since dr. who by default is not allowed to view the app info, user cannot view the apps. The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14626985#comment-14626985 ] Mahadev konar commented on AMBARI-12415: +1 for the patch. Ambari should set dr. who in the admin acl by default in the secure cluster --- Key: AMBARI-12415 URL: https://issues.apache.org/jira/browse/AMBARI-12415 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.1.0 Reporter: Jaimin D Jetly Assignee: Jaimin D Jetly Priority: Critical Fix For: 2.1.1 Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, kerberized cluster(with fix).png In a secure cluster, user access the UI by default as dr. who. Since dr. who by default is not allowed to view the app info, user cannot view the apps. The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (AMBARI-12415) Ambari should set dr. who in the admin acl by default in the secure cluster
[ https://issues.apache.org/jira/browse/AMBARI-12415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14626992#comment-14626992 ] Robert Levas commented on AMBARI-12415: --- +1 for the patch Ambari should set dr. who in the admin acl by default in the secure cluster --- Key: AMBARI-12415 URL: https://issues.apache.org/jira/browse/AMBARI-12415 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.1.0 Reporter: Jaimin D Jetly Assignee: Jaimin D Jetly Priority: Critical Fix For: 2.1.1 Attachments: AMBARI-12415.patch, dr.who logged in (with fix).png, kerberized cluster(with fix).png In a secure cluster, user access the UI by default as dr. who. Since dr. who by default is not allowed to view the app info, user cannot view the apps. The proposal is to always add dr who. as the admin user. -- This message was sent by Atlassian JIRA (v6.3.4#6332)