ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jiayi Liu <liujiayi...@gmail.com>
Subject Re: Review Request 71910: RANGER-2671 : Unlink core-site.xml in usersync conf before chown and chmod
Date Mon, 06 Jan 2020 10:55:28 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated 一月 6, 2020, 10:55 a.m.)

Review request for ranger and Ramesh Mani.

Bugs: RANGER-2671

Repository: ranger


If we run setup.sh in usersync a second time, the setup.py in usersync folder will change
the permissions to 0750 and owner to ranger:ranger of hadoop core-site.xml. This will affect
other software that needs to read core-site.xml, for example, hiveserver2 will fail to start
because it does not have permission to read core-site.xml. Ranger should never change the
permission or ownership of core-site.xml in hadoop conf dir.
The reason why the permissions and owner of core-site.xml are modified is because the following
code in unixauthservice/scripts/setup.py
for dir in fixPermList:
    for root, dirs, files in os.walk(dir):
        os.chown(root, ownerId, groupId)
        os.chmod(root, 0755)
        for obj in dirs:
            dn = join(root, obj)
            os.chown(dn, ownerId, groupId)
            os.chmod(dn, 0755)
        for obj in files:
            fn = join(root, obj)
            os.chown(fn, ownerId, groupId)
            os.chmod(fn, 0750)
If we run setup.sh in usersync a second time, there will be a soft link of core-site.xml in
/etc/ranger/usersync/conf. In the for loop, it will traverse to /etc/ranger/usersync/conf/core-site.xml,
and use os.chown and os.chmod to change the permisson and ownership. We should unlink the
soft link of core-site.xml before this for loop.


  unixauthservice/scripts/setup.py 54297f4b9 

Diff: https://reviews.apache.org/r/71910/diff/1/


File Attachments (updated)



Jiayi Liu

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message