ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ankita Sinha <ankita.si...@freestoneinfotech.com>
Subject Review Request 48064: Handle upgrade scenario in Kerberized Cluster
Date Tue, 31 May 2016 09:03:03 GMT

This is an automatically generated e-mail. To reply, visit:

Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj,
Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.

Bugs: RANGER-1003

Repository: ranger


**Problem Statement**
In secure environment after upgrade the service and policies is not updated with custom properties
for Policy/Tag download and with lookup user to have permission for Test Connection and Resource

**Need to implement following**
1. After upgrade add lookup user to have permissions in all policies.
2. After upgrade add custom property "policy.download.auth.users" and "tag.download.auth.users"
in Service config of each repo and "policy.grantrevoke.auth.users" for HBase/Hive.


  security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 63c630e 
  security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java d2178f4 
  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 1028c8d 
  security-admin/src/main/java/org/apache/ranger/rest/TagREST.java be70cfe 

Diff: https://reviews.apache.org/r/48064/diff/


1. Tested Ranger Admin with admin and keyadmin role user.
2. Checked when Ranger Admin starts the service/policy created in previous version is updated
in secure cluster.


Ankita Sinha

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message