You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Hudson (Jira)" <ji...@apache.org> on 2019/12/13 06:58:00 UTC

[jira] [Commented] (AMBARI-25413) Ambari is changing the truststore permission from 444/644 to 640.

    [ https://issues.apache.org/jira/browse/AMBARI-25413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16995406#comment-16995406 ] 

Hudson commented on AMBARI-25413:
---------------------------------

SUCCESS: Integrated in Jenkins build Ambari-branch-2.7 #637 (See [https://builds.apache.org/job/Ambari-branch-2.7/637/])
AMBARI-25413 Ambari is changing the truststore permission from 444/644 (asnaik: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=a4557c66df571a04ed4c4d487542c16960d9eadd])
* (edit) ambari-server/src/main/python/ambari_server/serverConfiguration.py


> Ambari is changing the truststore permission from 444/644 to 640.
> -----------------------------------------------------------------
>
>                 Key: AMBARI-25413
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25413
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.7.4
>            Reporter: Aashish Bathla
>            Assignee: Szilard Antal
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> When running ambari-server setup-security and choosing '[1]  Enable HTTPS for Ambari server.' we give the following information:
> Do you want to disable HTTPS [y/n] (n)? n
> SSL port [8080] ? 8080
> Enter path to Certificate: <Certificate File>
> Enter path to Private Key: <Key File>
> Please enter password for Private Key: <empty>
> Generating random password for HTTPS keystore...done.
> Importing and saving Certificate...done.
> Thereafter Unix permission of the systemwide Java truststore 
> /var/lib/ca-certificates/java-cacerts are changed from mode 444 to 640.
> In consequence Applications do not start anymore because the truststore is not world readable. It's creating impact on applications which is run by other users.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)