This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 1a2d41c RANGER-3485: db setup scripts should not convert the db user
to lowercase during setup
1a2d41c is described below
commit 1a2d41ca65e821d0621f8295524c78f87dd22b56
Author: pradeep <prad...@apache.org>
AuthorDate: Tue Mar 29 16:53:52 2022 +0530
RANGER-3485: db setup scripts should not convert the db user to lowercase
during setup
---
kms/scripts/db_setup.py | 2 --
kms/scripts/dba_script.py | 50 +++++++++++++-------------
kms/scripts/setup.sh | 3 --
security-admin/scripts/db_setup.py | 4 +--
security-admin/scripts/dba_script.py | 68 +++++++++++++++++-------------------
security-admin/scripts/setup.sh | 2 --
6 files changed, 57 insertions(+), 72 deletions(-)
diff --git a/kms/scripts/db_setup.py b/kms/scripts/db_setup.py
index 2548025..165e30d 100644
--- a/kms/scripts/db_setup.py
+++ b/kms/scripts/db_setup.py
@@ -665,8 +665,6 @@ def main(argv):
xa_db_core_file = os.path.join(RANGER_KMS_HOME
,oracle_core_file)
elif XA_DB_FLAVOR == "POSTGRES":
- db_user=db_user.lower()
- db_name=db_name.lower()
POSTGRES_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type)
xa_db_core_file = os.path.join(RANGER_KMS_HOME ,
postgres_core_file)
diff --git a/kms/scripts/dba_script.py b/kms/scripts/dba_script.py
index 14e6ff8..544c120 100755
--- a/kms/scripts/dba_script.py
+++ b/kms/scripts/dba_script.py
@@ -654,13 +654,13 @@ class PostgresConf(BaseDB):
log("[I] User does not exists, Creating
user : " + db_user, "info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, 'postgres')
if is_unix:
- query = get_cmd + " -query
\"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
- query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user,
masked_pwd_string)
+ query = get_cmd + " -query
\"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
+ query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\"" %(db_user,
masked_pwd_string)
jisql_log(query_with_masked_pwd, db_root_password)
ret =
subprocess.call(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query
\"CREATE USER %s WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user, db_password)
- query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user,
masked_pwd_string)
+ query = get_cmd + " -query
\"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user,
db_password)
+ query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\" -c ;"
%(db_user, masked_pwd_string)
jisql_log(query_with_masked_pwd, db_root_password)
ret = subprocess.call(query)
if ret == 0:
@@ -673,7 +673,7 @@ class PostgresConf(BaseDB):
log("[E] Postgres user "
+db_user+" creation failed..", "error")
sys.exit(1)
else:
- logFile("CREATE USER %s WITH LOGIN
PASSWORD '%s';" %(db_user, db_password))
+ logFile("CREATE USER \"%s\" WITH LOGIN
PASSWORD '%s';" %(db_user, db_password))
def verify_db(self, root_user, db_root_password, db_name,dryMode):
if dryMode == False:
@@ -700,11 +700,11 @@ class PostgresConf(BaseDB):
log("[I] Database does not exist, Creating
database : " + db_name,"info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, 'postgres')
if is_unix:
- query = get_cmd + " -query \"create
database %s with OWNER %s;\"" %(db_name, db_user)
+ query = get_cmd + " -query \"create
database \\\"%s\\\" with OWNER \\\"%s\\\";\"" %(db_name, db_user)
jisql_log(query, db_root_password)
ret =
subprocess.call(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"create
database %s with OWNER %s;\" -c ;" %(db_name, db_user)
+ query = get_cmd + " -query \"create
database \\\"%s\\\" with OWNER \\\"%s\\\";\" -c ;" %(db_name, db_user)
jisql_log(query, db_root_password)
ret = subprocess.call(query)
if ret != 0:
@@ -718,18 +718,18 @@ class PostgresConf(BaseDB):
log("[E] Database creation
failed..","error")
sys.exit(1)
else:
- logFile("CREATE DATABASE %s WITH OWNER %s;"
%(db_name, db_user))
+ logFile("CREATE DATABASE \"%s\" WITH OWNER
\"%s\";" %(db_name, db_user))
def grant_xa_db_user(self, root_user, db_name, db_user, db_password,
db_root_password , is_revoke,dryMode):
if dryMode == False:
log("[I] Granting privileges TO user '"+db_user+"' on
db '"+db_name+"'" , "info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, db_name)
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE %s to %s;\"" %(db_name, db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE \\\"%s\\\" to \\\"%s\\\";\"" %(db_name, db_user)
jisql_log(query, db_root_password)
ret = subprocess.call(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE %s to %s;\" -c ;" %(db_name, db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE \\\"%s\\\" to \\\"%s\\\";\" -c ;" %(db_name, db_user)
jisql_log(query, db_root_password)
ret = subprocess.call(query)
if ret != 0:
@@ -737,11 +737,11 @@ class PostgresConf(BaseDB):
sys.exit(1)
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO %s;\"" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO \\\"%s\\\";\"" %(db_user)
jisql_log(query, db_root_password)
ret = subprocess.call(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO %s;\" -c ;" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO \\\"%s\\\";\" -c ;" %(db_user)
jisql_log(query, db_root_password)
ret = subprocess.call(query)
if ret != 0:
@@ -762,14 +762,14 @@ class PostgresConf(BaseDB):
tablename , value =
each_line.strip().split(" |",1)
tablename = tablename.strip()
if is_unix:
- query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON TABLE %s TO %s;\"" %(tablename,db_user)
+ query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON TABLE %s TO \\\"%s\\\";\"" %(tablename,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocess.call(shlex.split(query1))
if ret != 0:
log("[E] Granting all
privileges on tablename "+tablename+" to user "+db_user+" failed..", "error")
sys.exit(1)
elif os_name == "WINDOWS":
- query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON TABLE %s TO %s;\" -c ;" %(tablename,db_user)
+ query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON TABLE %s TO \\\"%s\\\";\" -c ;" %(tablename,db_user)
jisql_log(query1,
db_root_password)
ret = subprocess.call(query1)
if ret != 0:
@@ -791,14 +791,14 @@ class PostgresConf(BaseDB):
sequence_name , value =
each_line.strip().split(" |",1)
sequence_name = sequence_name.strip()
if is_unix:
- query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON SEQUENCE %s TO %s;\"" %(sequence_name,db_user)
+ query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON SEQUENCE %s TO \\\"%s\\\";\"" %(sequence_name,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocess.call(shlex.split(query1))
if ret != 0:
log("[E] Granting all
privileges on sequence "+sequence_name+" to user "+db_user+" failed..", "error")
sys.exit(1)
elif os_name == "WINDOWS":
- query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON SEQUENCE %s TO %s;\" -c ;" %(sequence_name,db_user)
+ query1 = get_cmd + " -query
\"GRANT ALL PRIVILEGES ON SEQUENCE %s TO \\\"%s\\\";\" -c ;"
%(sequence_name,db_user)
jisql_log(query1,
db_root_password)
ret = subprocess.call(query1)
if ret != 0:
@@ -807,18 +807,18 @@ class PostgresConf(BaseDB):
log("[I] Granting privileges TO user '"+db_user+"' on
db '"+db_name+"' Done" , "info")
else:
- logFile("GRANT ALL PRIVILEGES ON DATABASE %s to %s;"
%(db_name, db_user))
- logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO %s;"
%( db_user))
- logFile("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA
public TO %s;" %(db_user))
- logFile("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN
SCHEMA public TO %s;" %(db_user))
+ logFile("GRANT ALL PRIVILEGES ON DATABASE \"%s\" to
\"%s\";" %(db_name, db_user))
+ logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO
\"%s\";" %( db_user))
+ logFile("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA
public TO \"%s\";" %(db_user))
+ logFile("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN
SCHEMA public TO \"%s\";" %(db_user))
def writeDrymodeCmd(self, xa_db_root_user, xa_db_root_password,
db_user, db_password, db_name):
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') to execute below sql statements.")
- logFile("CREATE USER %s WITH LOGIN PASSWORD '%s';" %(db_user,
db_password))
- logFile("CREATE DATABASE %s WITH OWNER %s;" %(db_name, db_user))
+ logFile("CREATE USER \"%s\" WITH LOGIN PASSWORD '%s';"
%(db_user, db_password))
+ logFile("CREATE DATABASE \"%s\" WITH OWNER \"%s\";" %(db_name,
db_user))
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') on '%s' database to execute below sql
statements."%(db_name))
- logFile("GRANT ALL PRIVILEGES ON DATABASE %s to %s;" %(db_name,
db_user))
- logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO %s;"
%(db_user))
+ logFile("GRANT ALL PRIVILEGES ON DATABASE \"%s\" to \"%s\";"
%(db_name, db_user))
+ logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO \"%s\";"
%(db_user))
class SqlServerConf(BaseDB):
# Constructor
@@ -1442,8 +1442,6 @@ def main(argv):
xa_db_core_file = os.path.join(RANGER_KMS_HOME,oracle_core_file)
elif XA_DB_FLAVOR == "POSTGRES":
- db_user=db_user.lower()
- db_name=db_name.lower()
POSTGRES_CONNECTOR_JAR=CONNECTOR_JAR
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
xa_db_core_file =
os.path.join(RANGER_KMS_HOME,postgres_core_file)
diff --git a/kms/scripts/setup.sh b/kms/scripts/setup.sh
index b5a6e71..f723e09 100755
--- a/kms/scripts/setup.sh
+++ b/kms/scripts/setup.sh
@@ -548,9 +548,6 @@ update_properties() {
fi
if [ "${DB_FLAVOR}" == "POSTGRES" ]
then
- db_name=`echo ${db_name} | tr '[:upper:]' '[:lower:]'`
- db_user=`echo ${db_user} | tr '[:upper:]' '[:lower:]'`
-
if [ "${db_ssl_enabled}" == "true" ]
then
if test -f $db_ssl_certificate_file; then
diff --git a/security-admin/scripts/db_setup.py
b/security-admin/scripts/db_setup.py
index ff54956..eaae5c8 100644
--- a/security-admin/scripts/db_setup.py
+++ b/security-admin/scripts/db_setup.py
@@ -346,7 +346,7 @@ class BaseDB(object):
sys.exit(1)
isSchemaCreated=False
countTries = 0
- while(isSchemaCreated==False or
countTries<2):
+ while(isSchemaCreated==False and
countTries<3):
countTries=countTries+1
isFirstTableExist =
self.check_table(db_name, db_user, db_password, first_table)
isLastTableExist =
self.check_table(db_name, db_user, db_password, last_table)
@@ -1336,8 +1336,6 @@ def main(argv):
last_table='X_POLICY_REF_GROUP'
elif XA_DB_FLAVOR == "POSTGRES":
- db_user=db_user.lower()
- db_name=db_name.lower()
POSTGRES_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type,is_override_db_connection_string,db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME ,
postgres_dbversion_catalog)
diff --git a/security-admin/scripts/dba_script.py
b/security-admin/scripts/dba_script.py
index e7567a3..0ba3969 100644
--- a/security-admin/scripts/dba_script.py
+++ b/security-admin/scripts/dba_script.py
@@ -799,13 +799,13 @@ class PostgresConf(BaseDB):
log("[I] User does not exists, Creating
user : " + db_user, "info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, 'postgres')
if is_unix:
- query = get_cmd + " -query
\"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
- query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\"" %(db_user,
masked_pwd_string)
+ query = get_cmd + " -query
\"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\"" %(db_user, db_password)
+ query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\"" %(db_user,
masked_pwd_string)
jisql_log(query_with_masked_pwd, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query
\"CREATE USER %s WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user, db_password)
- query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER %s WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user,
masked_pwd_string)
+ query = get_cmd + " -query
\"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\" -c ;" %(db_user,
db_password)
+ query_with_masked_pwd = get_cmd
+ " -query \"CREATE USER \\\"%s\\\" WITH LOGIN PASSWORD '%s';\" -c ;"
%(db_user, masked_pwd_string)
jisql_log(query_with_masked_pwd, db_root_password)
ret =
subprocessCallWithRetry(query)
if self.verify_user(root_user,
db_root_password, db_user,dryMode):
@@ -814,7 +814,7 @@ class PostgresConf(BaseDB):
log("[E] Postgres user "
+db_user+" creation failed..", "error")
sys.exit(1)
else:
- logFile("CREATE USER %s WITH LOGIN
PASSWORD '%s';" %(db_user, db_password))
+ logFile("CREATE USER \"%s\" WITH LOGIN
PASSWORD '%s';" %(db_user, db_password))
def verify_db(self, root_user, db_root_password, db_name,dryMode):
if dryMode == False:
@@ -841,11 +841,11 @@ class PostgresConf(BaseDB):
log("[I] Database does not exist, Creating
database : " + db_name,"info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, 'postgres')
if is_unix:
- query = get_cmd + " -query \"create
database %s with OWNER %s;\"" %(db_name, db_user)
+ query = get_cmd + " -query \"create
database \\\"%s\\\" with OWNER \\\"%s\\\";\"" %(db_name, db_user)
jisql_log(query, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"create
database %s with OWNER %s;\" -c ;" %(db_name, db_user)
+ query = get_cmd + " -query \"create
database \\\"%s\\\" with OWNER \\\"%s\\\";\" -c ;" %(db_name, db_user)
jisql_log(query, db_root_password)
ret = subprocessCallWithRetry(query)
if self.verify_db(root_user, db_root_password,
db_name,dryMode):
@@ -855,18 +855,18 @@ class PostgresConf(BaseDB):
log("[E] Database creation
failed..","error")
sys.exit(1)
else:
- logFile("CREATE DATABASE %s WITH OWNER %s;"
%(db_name, db_user))
+ logFile("CREATE DATABASE \"%s\" WITH OWNER
\"%s\";" %(db_name, db_user))
def grant_xa_db_user(self, root_user, db_name, db_user, db_password,
db_root_password , is_revoke,dryMode):
if dryMode == False:
log("[I] Granting privileges TO user '"+db_user+"' on
db '"+db_name+"'" , "info")
get_cmd = self.get_jisql_cmd(root_user,
db_root_password, db_name)
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE %s to %s;\"" %(db_name, db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE \\\"%s\\\" to \\\"%s\\\";\"" %(db_name, db_user)
jisql_log(query, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE %s to %s;\" -c ;" %(db_name, db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON DATABASE \\\"%s\\\" to \\\"%s\\\";\" -c ;" %(db_name, db_user)
jisql_log(query, db_root_password)
ret = subprocessCallWithRetry(query)
if ret != 0:
@@ -874,11 +874,11 @@ class PostgresConf(BaseDB):
sys.exit(1)
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO %s;\"" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO \\\"%s\\\";\"" %(db_user)
jisql_log(query, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO %s;\" -c ;" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON SCHEMA public TO \\\"%s\\\";\" -c ;" %(db_user)
jisql_log(query, db_root_password)
ret = subprocessCallWithRetry(query)
if ret != 0:
@@ -886,11 +886,11 @@ class PostgresConf(BaseDB):
sys.exit(1)
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;\"" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL TABLES IN SCHEMA public TO \\\"%s\\\";\"" %(db_user)
jisql_log(query, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;\" -c ;" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL TABLES IN SCHEMA public TO \\\"%s\\\";\" -c ;" %(db_user)
jisql_log(query, db_root_password)
ret = subprocessCallWithRetry(query)
if ret != 0:
@@ -909,14 +909,14 @@ class PostgresConf(BaseDB):
tablename , value =
each_line.strip().split(" |",1)
tablename = tablename.strip()
if is_unix:
- query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON TABLE %s TO %s;\"" %(tablename,db_user)
+ query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON TABLE %s TO \\\"%s\\\";\"" %(tablename,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query1))
if ret != 0:
log("[E]
Granting all privileges on tablename "+tablename+" to user "+db_user+"
failed..", "error")
sys.exit(1)
elif os_name == "WINDOWS":
- query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON TABLE %s TO %s;\" -c ;" %(tablename,db_user)
+ query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON TABLE %s TO \\\"%s\\\";\" -c ;"
%(tablename,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocessCallWithRetry(query1)
if ret != 0:
@@ -925,11 +925,11 @@ class PostgresConf(BaseDB):
if is_unix:
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;\"" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \\\"%s\\\";\"" %(db_user)
jisql_log(query, db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query))
elif os_name == "WINDOWS":
- query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;\" -c ;" %(db_user)
+ query = get_cmd + " -query \"GRANT ALL
PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \\\"%s\\\";\" -c ;" %(db_user)
jisql_log(query, db_root_password)
ret = subprocessCallWithRetry(query)
if ret!=0:
@@ -947,14 +947,14 @@ class PostgresConf(BaseDB):
sequence_name , value =
each_line.strip().split(" |",1)
sequence_name =
sequence_name.strip()
if is_unix:
- query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON SEQUENCE %s TO %s;\"" %(sequence_name,db_user)
+ query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON SEQUENCE %s TO \\\"%s\\\";\""
%(sequence_name,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocessCallWithRetry(shlex.split(query1))
if ret != 0:
log("[E]
Granting all privileges on sequence "+sequence_name+" to user "+db_user+"
failed..", "error")
sys.exit(1)
elif os_name == "WINDOWS":
- query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON SEQUENCE %s TO %s;\" -c ;"
%(sequence_name,db_user)
+ query1 = get_cmd + "
-query \"GRANT ALL PRIVILEGES ON SEQUENCE %s TO \\\"%s\\\";\" -c ;"
%(sequence_name,db_user)
jisql_log(query1,
db_root_password)
ret =
subprocessCallWithRetry(query1)
if ret != 0:
@@ -963,10 +963,10 @@ class PostgresConf(BaseDB):
log("[I] Granting privileges TO user '"+db_user+"' on
db '"+db_name+"' Done" , "info")
else:
- logFile("GRANT ALL PRIVILEGES ON DATABASE %s to %s;"
%(db_name, db_user))
- logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO %s;"
%( db_user))
- logFile("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA
public TO %s;" %(db_user))
- logFile("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN
SCHEMA public TO %s;" %(db_user))
+ logFile("GRANT ALL PRIVILEGES ON DATABASE %s to
\"%s\";" %(db_name, db_user))
+ logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO
\"%s\";" %( db_user))
+ logFile("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA
public TO \"%s\";" %(db_user))
+ logFile("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN
SCHEMA public TO \"%s\";" %(db_user))
def create_auditdb_user(self, xa_db_host, audit_db_host, db_name,
audit_db_name, xa_db_root_user, audit_db_root_user, db_user, audit_db_user,
xa_db_root_password, audit_db_root_password, db_password, audit_db_password,
DBA_MODE,dryMode):
if DBA_MODE == "TRUE":
@@ -981,23 +981,23 @@ class PostgresConf(BaseDB):
def writeDrymodeCmd(self, xa_db_host, audit_db_host, xa_db_root_user,
xa_db_root_password, db_user, db_password, db_name, audit_db_root_user,
audit_db_root_password, audit_db_user, audit_db_password, audit_db_name):
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') to execute below sql statements.")
- logFile("CREATE USER %s WITH LOGIN PASSWORD '%s';" %(db_user,
db_password))
- logFile("CREATE DATABASE %s WITH OWNER %s;" %(db_name, db_user))
+ logFile("CREATE USER \"%s\" WITH LOGIN PASSWORD '%s';"
%(db_user, db_password))
+ logFile("CREATE DATABASE \"%s\" WITH OWNER \"%s\";" %(db_name,
db_user))
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') on '%s' database to execute below sql
statements."%(db_name))
- logFile("GRANT ALL PRIVILEGES ON DATABASE %s TO %s;" %(db_name,
db_user))
- logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO %s;"
%(db_user))
+ logFile("GRANT ALL PRIVILEGES ON DATABASE \"%s\" TO \"%s\";"
%(db_name, db_user))
+ logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO \"%s\";"
%(db_user))
if not db_user == audit_db_user:
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') to execute below sql statements.")
- logFile("CREATE USER %s WITH LOGIN PASSWORD '%s';"
%(audit_db_user, audit_db_password))
+ logFile("CREATE USER \"%s\" WITH LOGIN PASSWORD
\"%s\";" %(audit_db_user, audit_db_password))
if not db_name == audit_db_name:
if not db_user == audit_db_user:
pass
else:
logFile("# Login to POSTGRES Server from a
POSTGRES dba user(i.e 'postgres') to execute below sql statements.")
- logFile("CREATE DATABASE %s WITH OWNER %s;"
%(audit_db_name, db_user))
+ logFile("CREATE DATABASE \"%s\" WITH OWNER \"%s\";"
%(audit_db_name, db_user))
logFile("# Login to POSTGRES Server from a POSTGRES dba
user(i.e 'postgres') on '%s' database to execute below sql
statements."%(audit_db_name))
- logFile("GRANT ALL PRIVILEGES ON DATABASE %s TO %s;"
%(audit_db_name, db_user))
- logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO %s;"
%(db_user))
+ logFile("GRANT ALL PRIVILEGES ON DATABASE \"%s\" TO
\"%s\";" %(audit_db_name, db_user))
+ logFile("GRANT ALL PRIVILEGES ON SCHEMA public TO
\"%s\";" %(db_user))
class SqlServerConf(BaseDB):
# Constructor
@@ -1729,8 +1729,6 @@ def main(argv):
xa_patch_file = os.path.join(RANGER_ADMIN_HOME,oracle_patches)
elif XA_DB_FLAVOR == "POSTGRES":
- db_user=db_user.lower()
- db_name=db_name.lower()
POSTGRES_CONNECTOR_JAR=CONNECTOR_JAR
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
xa_db_version_file =
os.path.join(RANGER_ADMIN_HOME,postgres_dbversion_catalog)
@@ -1772,8 +1770,6 @@ def main(argv):
audit_db_file =
os.path.join(RANGER_ADMIN_HOME,oracle_audit_file)
elif AUDIT_DB_FLAVOR == "POSTGRES":
- audit_db_user=audit_db_user.lower()
- audit_db_name=audit_db_name.lower()
POSTGRES_CONNECTOR_JAR=CONNECTOR_JAR
audit_sqlObj =
PostgresConf(audit_db_host,POSTGRES_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
audit_db_file =
os.path.join(RANGER_ADMIN_HOME,postgres_audit_file)
diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh
index 8ba8e9a..7dc11d8 100755
--- a/security-admin/scripts/setup.sh
+++ b/security-admin/scripts/setup.sh
@@ -680,8 +680,6 @@ update_properties() {
fi
if [ "${DB_FLAVOR}" == "POSTGRES" ]
then
- db_name=`echo ${db_name} | tr '[:upper:]' '[:lower:]'`
- db_user=`echo ${db_user} | tr '[:upper:]' '[:lower:]'`
if [ "${db_ssl_enabled}" == "true" ]
then
