You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by st...@apache.org on 2017/01/28 17:27:46 UTC
ambari git commit: AMBARI-19726. Post user creation hook is passed
the hdfs user from the hadoop-env config type. (Laszlo Puskas via stoader)
Repository: ambari
Updated Branches:
refs/heads/trunk c2907860e -> 86fbb3810
AMBARI-19726. Post user creation hook is passed the hdfs user from the hadoop-env config type. (Laszlo Puskas via stoader)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/86fbb381
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/86fbb381
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/86fbb381
Branch: refs/heads/trunk
Commit: 86fbb38108e2d9b87f22b1920cada3a655677285
Parents: c290786
Author: Laszlo Puskas <lp...@hortonworks.com>
Authored: Sat Jan 28 18:27:31 2017 +0100
Committer: Toader, Sebastian <st...@hortonworks.com>
Committed: Sat Jan 28 18:27:31 2017 +0100
----------------------------------------------------------------------
.../server/hooks/users/UserHookParams.java | 3 ++-
.../server/hooks/users/UserHookService.java | 23 ++++++++++++++------
.../users/CsvFilePersisterService.java | 6 ++---
.../users/PostUserCreationHookServerAction.java | 8 ++++++-
.../scripts/post-user-creation-hook.sh | 9 ++++++--
.../server/hooks/users/UserHookServiceTest.java | 9 ++++++++
.../PostUserCreationHookServerActionTest.java | 3 ++-
7 files changed, 45 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookParams.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookParams.java b/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookParams.java
index 6970dcc..4b1b5aa 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookParams.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookParams.java
@@ -34,7 +34,8 @@ public enum UserHookParams {
// identify security related values
CLUSTER_SECURITY_TYPE("cluster-security-type"),
CMD_HDFS_PRINCIPAL("cmd-hdfs-principal"),
- CMD_HDFS_KEYTAB("cmd-hdfs-keytab");
+ CMD_HDFS_KEYTAB("cmd-hdfs-keytab"),
+ CMD_HDFS_USER("cmd-hdfs-user");
private String param;
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookService.java b/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookService.java
index c4ff1e4..69463ab 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/hooks/users/UserHookService.java
@@ -170,8 +170,10 @@ public class UserHookService implements HookService {
commandParams.put(UserHookParams.CMD_HDFS_KEYTAB.param(), clusterData.getKeytab());
commandParams.put(UserHookParams.CMD_HDFS_PRINCIPAL.param(), clusterData.getPrincipal());
+ commandParams.put(UserHookParams.CMD_HDFS_USER.param(), clusterData.getHdfsUser());
commandParams.put(UserHookParams.CMD_INPUT_FILE.param(), generateInputFileName());
+
commandParams.put(UserHookParams.PAYLOAD.param(), objectMapper.writeValueAsString(context.getUserGroups()));
return commandParams;
@@ -228,15 +230,16 @@ public class UserHookService implements HookService {
break;
}
- return new ClusterData(cluster.getClusterName(), cluster.getClusterId(), cluster.getSecurityType().name(), principal, keyTab);
- }
- private void getSecurityData(Configuration configuraiton) {
- //principal
+ return new ClusterData(cluster.getClusterName(), cluster.getClusterId(), cluster.getSecurityType().name(), principal, keyTab, getHdfsUser(cluster));
+ }
- //keytab
+ private String getHdfsUser(Cluster cluster) {
+ String hdfsUser = cluster.getDesiredConfigByType("hadoop-env").getProperties().get("hdfs_user");
+ return hdfsUser;
}
+
/**
* Local representation of cluster data.
*/
@@ -247,12 +250,15 @@ public class UserHookService implements HookService {
private String principal;
private String keytab;
- public ClusterData(String clusterName, Long clusterId, String securityType, String principal, String keytab) {
+ private String hdfsUser;
+
+ public ClusterData(String clusterName, Long clusterId, String securityType, String principal, String keytab, String hdfsUser) {
this.clusterName = clusterName;
this.clusterId = clusterId;
this.securityType = securityType;
this.principal = principal;
this.keytab = keytab;
+ this.hdfsUser = hdfsUser;
}
public String getClusterName() {
@@ -274,6 +280,9 @@ public class UserHookService implements HookService {
public String getKeytab() {
return keytab;
}
- }
+ public String getHdfsUser() {
+ return hdfsUser;
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/CsvFilePersisterService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/CsvFilePersisterService.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/CsvFilePersisterService.java
index fe6bf35..b78a127 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/CsvFilePersisterService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/CsvFilePersisterService.java
@@ -18,15 +18,12 @@
package org.apache.ambari.server.serveraction.users;
-import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
-import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
-import java.nio.file.attribute.PosixFilePermissions;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
@@ -72,7 +69,8 @@ public class CsvFilePersisterService implements CollectionPersisterService<Strin
@Inject
public void init() throws IOException {
- Path csv = Files.createFile(Paths.get(csvFile), PosixFilePermissions.asFileAttribute(getCsvPermissions()));
+ Path csv = Files.createFile(Paths.get(csvFile));
+ Files.setPosixFilePermissions(Paths.get(csvFile), getCsvPermissions());
fileWriter = new FileWriter(csv.toFile());
csvPrinter = new CSVPrinter(fileWriter, CSVFormat.DEFAULT.withRecordSeparator(NEW_LINE_SEPARATOR));
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerAction.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerAction.java
index 45bc0eb..2d6d38d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerAction.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerAction.java
@@ -116,7 +116,8 @@ public class PostUserCreationHookServerAction extends AbstractServerAction {
params.get(UserHookParams.CMD_INPUT_FILE.param()),
params.get(UserHookParams.CLUSTER_SECURITY_TYPE.param()),
params.get(UserHookParams.CMD_HDFS_PRINCIPAL.param()),
- params.get(UserHookParams.CMD_HDFS_KEYTAB.param())
+ params.get(UserHookParams.CMD_HDFS_KEYTAB.param()),
+ params.get(UserHookParams.CMD_HDFS_USER.param())
};
LOGGER.debug("Server action command to be executed: {}", cmdArray);
return cmdArray;
@@ -149,6 +150,11 @@ public class PostUserCreationHookServerAction extends AbstractServerAction {
throw new IllegalArgumentException("Missing command parameter: [" + UserHookParams.CLUSTER_SECURITY_TYPE.param() + "]");
}
+ if (!commandParams.containsKey(UserHookParams.CMD_HDFS_USER.param())) {
+ LOGGER.error("Missing command parameter: {}; Failing the server action.", UserHookParams.CMD_HDFS_USER.param());
+ throw new IllegalArgumentException("Missing command parameter: [" + UserHookParams.CMD_HDFS_USER.param() + "]");
+ }
+
LOGGER.info("Command parameter validation passed.");
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/main/resources/scripts/post-user-creation-hook.sh
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/scripts/post-user-creation-hook.sh b/ambari-server/src/main/resources/scripts/post-user-creation-hook.sh
index ee8d2d1..91511a0 100755
--- a/ambari-server/src/main/resources/scripts/post-user-creation-hook.sh
+++ b/ambari-server/src/main/resources/scripts/post-user-creation-hook.sh
@@ -30,6 +30,8 @@ CSV_FILE="$1"
SECURITY_TYPE=$2
: "${SECURITY_TYPE:?"Missing security type input for the post-user creation hook"}"
+# the last argument is the user with dfs administrator privileges
+HDFS_USR=${@: -1}
}
@@ -37,8 +39,8 @@ SECURITY_TYPE=$2
ambari_sudo(){
ARG_STR="$1"
-CMD_STR="/var/lib/ambari-server/ambari-sudo.sh su hdfs -l -s /bin/bash -c '$ARG_STR'"
-
+CMD_STR="/var/lib/ambari-server/ambari-sudo.sh su '$HDFS_USR' -l -s /bin/bash -c '$ARG_STR'"
+echo "Executing command: [ $CMD_STR ]"
eval "$CMD_STR"
}
@@ -101,6 +103,9 @@ do
EOF
done <"$CSV_FILE"
+# Setting read permissions on the generated file
+chmod 644 $JSON_INPUT
+
# deleting the last line
sed -i '$ d' "$JSON_INPUT"
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/test/java/org/apache/ambari/server/hooks/users/UserHookServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/hooks/users/UserHookServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/hooks/users/UserHookServiceTest.java
index 834f930..b642d35 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/hooks/users/UserHookServiceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/hooks/users/UserHookServiceTest.java
@@ -37,6 +37,7 @@ import org.apache.ambari.server.hooks.AmbariEventFactory;
import org.apache.ambari.server.hooks.HookContext;
import org.apache.ambari.server.state.Cluster;
import org.apache.ambari.server.state.Clusters;
+import org.apache.ambari.server.state.Config;
import org.apache.ambari.server.state.SecurityType;
import org.apache.ambari.server.state.svccomphost.ServiceComponentHostServerActionEvent;
import org.codehaus.jackson.map.ObjectMapper;
@@ -90,6 +91,9 @@ public class UserHookServiceTest extends EasyMockSupport {
@Mock
private Stage stageMock;
+ @Mock
+ private Config configMock;
+
@TestSubject
private UserHookService hookService = new UserHookService();
@@ -193,9 +197,14 @@ public class UserHookServiceTest extends EasyMockSupport {
Map<String, Cluster> clsMap = new HashMap<>();
clsMap.put("test-cluster", clusterMock);
+ Map<String, String> configMap = new HashMap<>();
+ configMap.put("hdfs_user", "hdfs-test-user");
+
EasyMock.expect(clusterMock.getClusterId()).andReturn(1l);
EasyMock.expect(clusterMock.getClusterName()).andReturn("test-cluster");
EasyMock.expect(clusterMock.getSecurityType()).andReturn(SecurityType.NONE).times(3);
+ EasyMock.expect(clusterMock.getDesiredConfigByType("hadoop-env")).andReturn(configMock);
+ EasyMock.expect(configMock.getProperties()).andReturn(configMap);
EasyMock.expect(actionManagerMock.getNextRequestId()).andReturn(1l);
http://git-wip-us.apache.org/repos/asf/ambari/blob/86fbb381/ambari-server/src/test/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerActionTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerActionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerActionTest.java
index a4d50ef..6d6e42c 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerActionTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/users/PostUserCreationHookServerActionTest.java
@@ -115,6 +115,7 @@ public class PostUserCreationHookServerActionTest extends EasyMockSupport {
commandParams.put(UserHookParams.CMD_TIME_FRAME.param(), "1000");
commandParams.put(UserHookParams.CMD_INPUT_FILE.param(), "/test/user_data.csv");
commandParams.put(UserHookParams.CLUSTER_SECURITY_TYPE.param(), SecurityType.KERBEROS.name());
+ commandParams.put(UserHookParams.CMD_HDFS_USER.param(), "test-hdfs-user");
EasyMock.expect(executionCommand.getCommandParams()).andReturn(commandParams);
EasyMock.expect(objectMapperMock.readValue(payloadJson, Map.class)).andReturn(payload);
@@ -139,7 +140,7 @@ public class PostUserCreationHookServerActionTest extends EasyMockSupport {
String[] commandArray = commandCapture.getValue();
Assert.assertNotNull("The command to be executed must not be null!", commandArray);
- Assert.assertEquals("The command argument array length is not as expected!", 5, commandArray.length);
+ Assert.assertEquals("The command argument array length is not as expected!", 6, commandArray.length);
Assert.assertEquals("The command script is not as expected", "/hookfolder/hook.name", commandArray[0]);
}