You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Fateh Singh (Jira)" <ji...@apache.org> on 2023/03/03 03:47:00 UTC
[jira] [Commented] (RANGER-4043) [ugsync]Enumerate Groups will give error on executing 'getent group' command
[ https://issues.apache.org/jira/browse/RANGER-4043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17695994#comment-17695994 ]
Fateh Singh commented on RANGER-4043:
-------------------------------------
Fix reviewed and merged: https://github.com/apache/ranger/pull/223/commits/8146ec28d20d086f736c852371ffdebc75400922
> [ugsync]Enumerate Groups will give error on executing 'getent group' command
> ----------------------------------------------------------------------------
>
> Key: RANGER-4043
> URL: https://issues.apache.org/jira/browse/RANGER-4043
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhishek Pal
> Assignee: Fateh Singh
> Priority: Major
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> Currently in the Ranger usersync code for UnixUserSync the enumerate group option accepts group as comma separated values.
> Example:
> {code:java}
> ranger.usersync.group.enumerate: true
> ranger.usersync.group.enumerategroup: test_group1,test_group2
> {code}
> However in the code
> *ugsync/src/main/java/org/apache/ranger/process*
> *UnixUserGroupBuilder.java -> buildUnixGroupList()*
> when {*}enumerateGroups is set{*}, the line:
> {code:java}
> String[] cmd = new String[] {"bash", "-c", command + " '" + group + "'"};
> {code}
> will create the command as:
> *bash -c getent group <group_name> '<group_name>'*
> {code:java}
> bash -c getent group test_group1 'test_group1'
> {code}
> which is an invalid command as *getent* takes one argument.
> This will return an exit-code 2 with error.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)