You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Michael Han (JIRA)" <ji...@apache.org> on 2017/08/03 05:09:00 UTC

[jira] [Assigned] (ZOOKEEPER-2843) auth_to_local should support reading rules from a file

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-2843?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Han reassigned ZOOKEEPER-2843:
--------------------------------------

    Assignee: Lionel Cons

> auth_to_local should support reading rules from a file
> ------------------------------------------------------
>
>                 Key: ZOOKEEPER-2843
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843
>             Project: ZooKeeper
>          Issue Type: Improvement
>    Affects Versions: 3.4.10, 3.5.3
>            Reporter: Lionel Cons
>            Assignee: Lionel Cons
>         Attachments: ZOOKEEPER-2843.patch
>
>
> The current handling of {{zookeeper.security.auth_to_local}} in {{KerberosName.java}} only supports rules given directly as property value.
> These rules must therefore be given on the command line and:
> * must be escaped properly to avoid shell expansion
> * are visible in the {{ps}} output
> It would be much better to put these rules in a file and pass the file path as the property value. We would then use something like {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}.
> Note that using the {{file:}} prefix allows keeping backward compatibility.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)