You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by pengjianhua <pe...@zte.com.cn> on 2017/03/23 03:59:24 UTC
Review Request 57865: The password is not set after the user is
created by
install program during installing Ranger Policy Admin. We should set
password like db user.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
Bugs: RANGER-1467
https://issues.apache.org/jira/browse/RANGER-1467
Repository: ranger
Description
-------
The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
1. Set the new user password manually.
2. Login system using root user. Then use su command to switch the new user.
Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
We should automatically set password for the new user after the user was created like db user.
Diffs
-----
security-admin/scripts/install.properties f323c95
security-admin/scripts/setup.sh 2e7752d
Diff: https://reviews.apache.org/r/57865/diff/1/
Testing
-------
Thanks,
pengjianhua
Re: Review Request 57865: The password is not set after the user is
created
by install program during installing Ranger Policy Admin. We should set
password like db user.
Posted by pengjianhua <pe...@zte.com.cn>.
> On March 23, 2017, 4:12 a.m., Selvamohan Neethiraj wrote:
> > security-admin/scripts/setup.sh
> > Lines 1273 (patched)
> > <https://reviews.apache.org/r/57865/diff/1/?file=1672499#file1672499line1273>
> >
> > Password Can be seen via Process List command
> >
> > Sending Password on the command will cause a security issue as other users in the box can find the password using process list commands such as 'ps -ef'.
> >
> > Consider using command similar to ...
> > $ cat <<!
> > ${unix_user}:${unix_user_pwd}
> > ! | chpasswd
Ok. I fixed it and updated the patch. Thanks.
- pengjianhua
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/#review169838
-----------------------------------------------------------
On March 23, 2017, 9:14 a.m., pengjianhua wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57865/
> -----------------------------------------------------------
>
> (Updated March 23, 2017, 9:14 a.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1467
> https://issues.apache.org/jira/browse/RANGER-1467
>
>
> Repository: ranger
>
>
> Description
> -------
>
> The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
> 1. Set the new user password manually.
> 2. Login system using root user. Then use su command to switch the new user.
> Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
> We should automatically set password for the new user after the user was created like db user.
>
>
> Diffs
> -----
>
> security-admin/scripts/install.properties f323c95
> security-admin/scripts/setup.sh 2e7752d
>
>
> Diff: https://reviews.apache.org/r/57865/diff/2/
>
>
> Testing
> -------
>
>
> Thanks,
>
> pengjianhua
>
>
Re: Review Request 57865: The password is not set after the user is
created
by install program during installing Ranger Policy Admin. We should set
password like db user.
Posted by Selvamohan Neethiraj <sn...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/#review169838
-----------------------------------------------------------
Password Can be seen via Process List command
security-admin/scripts/setup.sh
Lines 1273 (patched)
<https://reviews.apache.org/r/57865/#comment242514>
Password Can be seen via Process List command
Sending Password on the command will cause a security issue as other users in the box can find the password using process list commands such as 'ps -ef'.
Consider using command similar to ...
$ cat <<!
${unix_user}:${unix_user_pwd}
! | chpasswd
- Selvamohan Neethiraj
On March 22, 2017, 11:59 p.m., pengjianhua wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57865/
> -----------------------------------------------------------
>
> (Updated March 22, 2017, 11:59 p.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1467
> https://issues.apache.org/jira/browse/RANGER-1467
>
>
> Repository: ranger
>
>
> Description
> -------
>
> The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
> 1. Set the new user password manually.
> 2. Login system using root user. Then use su command to switch the new user.
> Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
> We should automatically set password for the new user after the user was created like db user.
>
>
> Diffs
> -----
>
> security-admin/scripts/install.properties f323c95
> security-admin/scripts/setup.sh 2e7752d
>
>
> Diff: https://reviews.apache.org/r/57865/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> pengjianhua
>
>
Re: Review Request 57865: The password is not set after the user is
created
by install program during installing Ranger Policy Admin. We should set
password like db user.
Posted by Qiang Zhang <zh...@zte.com.cn>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/#review170079
-----------------------------------------------------------
Ship it!
Ship It!
- Qiang Zhang
On \u4e09\u6708 23, 2017, 9:23 a.m., pengjianhua wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/57865/
> -----------------------------------------------------------
>
> (Updated \u4e09\u6708 23, 2017, 9:23 a.m.)
>
>
> Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
>
>
> Bugs: RANGER-1467
> https://issues.apache.org/jira/browse/RANGER-1467
>
>
> Repository: ranger
>
>
> Description
> -------
>
> The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
> 1. Set the new user password manually.
> 2. Login system using root user. Then use su command to switch the new user.
> Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
> We should automatically set password for the new user after the user was created like db user.
>
>
> Diffs
> -----
>
> security-admin/scripts/install.properties f323c95
> security-admin/scripts/setup.sh 2e7752d
>
>
> Diff: https://reviews.apache.org/r/57865/diff/3/
>
>
> Testing
> -------
>
>
> Thanks,
>
> pengjianhua
>
>
Re: Review Request 57865: The password is not set after the user is
created
by install program during installing Ranger Policy Admin. We should set
password like db user.
Posted by pengjianhua <pe...@zte.com.cn>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/
-----------------------------------------------------------
(Updated March 23, 2017, 9:23 a.m.)
Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
Bugs: RANGER-1467
https://issues.apache.org/jira/browse/RANGER-1467
Repository: ranger
Description
-------
The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
1. Set the new user password manually.
2. Login system using root user. Then use su command to switch the new user.
Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
We should automatically set password for the new user after the user was created like db user.
Diffs (updated)
-----
security-admin/scripts/install.properties f323c95
security-admin/scripts/setup.sh 2e7752d
Diff: https://reviews.apache.org/r/57865/diff/3/
Changes: https://reviews.apache.org/r/57865/diff/2-3/
Testing
-------
Thanks,
pengjianhua
Re: Review Request 57865: The password is not set after the user is
created
by install program during installing Ranger Policy Admin. We should set
password like db user.
Posted by pengjianhua <pe...@zte.com.cn>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57865/
-----------------------------------------------------------
(Updated March 23, 2017, 9:14 a.m.)
Review request for ranger, Alok Lal, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, Gautam Borad, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, Velmurugan Periasamy, and Qiang Zhang.
Bugs: RANGER-1467
https://issues.apache.org/jira/browse/RANGER-1467
Repository: ranger
Description
-------
The password is not set after the user is created by install program during installing Ranger Policy Admin. The current logic is reasonable if the user exists during installing Ranger Policy Admin. Based on current program logic we can only use the new linx user according to as following methods:
1. Set the new user password manually.
2. Login system using root user. Then use su command to switch the new user.
Obviously, these steps increase the difficulty of the user to use the system and reduce easy-using of the Ranger Policy Admin.
We should automatically set password for the new user after the user was created like db user.
Diffs (updated)
-----
security-admin/scripts/install.properties f323c95
security-admin/scripts/setup.sh 2e7752d
Diff: https://reviews.apache.org/r/57865/diff/2/
Changes: https://reviews.apache.org/r/57865/diff/1-2/
Testing
-------
Thanks,
pengjianhua