You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kudu.apache.org by "Todd Lipcon (JIRA)" <ji...@apache.org> on 2019/02/27 23:17:00 UTC
[jira] [Created] (KUDU-2717) Add an environment variable for
username override in non-secure clusters
Todd Lipcon created KUDU-2717:
---------------------------------
Summary: Add an environment variable for username override in non-secure clusters
Key: KUDU-2717
URL: https://issues.apache.org/jira/browse/KUDU-2717
Project: Kudu
Issue Type: Improvement
Components: security, util
Reporter: Todd Lipcon
If a cluster isn't secure, then using the current Unix username isn't a strong identity. However, we still perform authorization based on that username. This makes it inconvenient to run tools like 'ksck' from a regular user account -- you end up needing to 'sudo -u kudu' before doing so, and if running from a remote machine there might not even be such a user.
Given that the local username isn't a strong identity anyways (someone could always recompile kudu or use LD_PRELOAD to override it), let's provide an environment variable KUDU_USER_NAME that can perform a similar override.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)