You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2015/02/27 13:28:04 UTC

[jira] [Created] (AMBARI-9827) Ambari-server setup-security 'Encrypt passwords' option does not work correctly

Dmitry Lysnichenko created AMBARI-9827:
------------------------------------------

             Summary: Ambari-server setup-security 'Encrypt passwords' option does not work correctly
                 Key: AMBARI-9827
                 URL: https://issues.apache.org/jira/browse/AMBARI-9827
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.0.0
            Reporter: Dmitry Lysnichenko
            Assignee: Dmitry Lysnichenko
             Fix For: 2.0.0


Try to encrypt passwords without saving master password and then start ambari server:


[root@c6501 ~]# ambari-server stop
Using python  /usr/bin/python2.6
Stopping ambari-server
Ambari Server stopped
[root@c6501 ~]# ambari-server setup-security
Using python  /usr/bin/python2.6
Security setup options...
===========================================================================
Choose one of the following options: 
  [1] Enable HTTPS for Ambari server.
  [2] Enable HTTPS for Ganglia service.
  [3] Encrypt passwords stored in ambari.properties file.
  [4] Setup Ambari kerberos JAAS configuration.
===========================================================================
Enter choice, (1-4): *3*
Please provide master key for locking the credential store: *123* 
Re-enter master key: *123*
Do you want to persist master key. If you choose not to persist, you need to provide the Master Key while starting the ambari server as an env variable named AMBARI_SECURITY_MASTER_KEY or the start will prompt for the master key. Persist [y/n] (y)? *n*
Adjusting ambari-server permissions and ownership...
Ambari Server 'setup-security' completed successfully.
[root@c6501 ~]# ambari-server start
Using python  /usr/bin/python2.6
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Enter current Master Key: 
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start.........
ERROR: Exiting with exit code -1. 
REASON: Ambari Server java process died with exitcode 1. Check /var/log/ambari-server/ambari-server.out for more information.


Error in ambari-server.out :
{code}
19:12:13,352  INFO [main] Configuration:597 - Credential provider creation failed. Reason: Master key initialization failed.
[root@c6501 ~]# cat /var/log/ambari-server/ambari-server.out
Feb 23, 2015 7:12:13 PM com.google.inject.internal.MessageProcessor visit
INFO: An exception was caught and reported. Message: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
java.lang.RuntimeException: Unable to read database password
        at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:893)
        at org.apache.ambari.server.configuration.Configuration.getDatabasePassword(Configuration.java:855)
        at org.apache.ambari.server.controller.ControllerModule.buildJpaPersistModule(ControllerModule.java:332)
        at org.apache.ambari.server.controller.ControllerModule.configure(ControllerModule.java:286)
        at com.google.inject.AbstractModule.configure(AbstractModule.java:59)
        at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:223)
        at com.google.inject.spi.Elements.getElements(Elements.java:101)
        at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)
        at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
        at com.google.inject.Guice.createInjector(Guice.java:95)
        at com.google.inject.Guice.createInjector(Guice.java:72)
        at com.google.inject.Guice.createInjector(Guice.java:62)
        at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:671)
Caused by: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
        at org.apache.commons.io.FileUtils.openInputStream(FileUtils.java:265)
        at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1457)
        at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1475)
        at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:890)
        ... 12 more

Exception in thread "main" com.google.inject.CreationException: Guice creation errors:

1) An exception was caught and reported. Message: Unable to read database password
  at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)

1 error
        at com.google.inject.internal.Errors.throwCreationExceptionIfErrorsExist(Errors.java:435)
        at com.google.inject.internal.InternalInjectorCreator.initializeStatically(InternalInjectorCreator.java:154)
        at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:106)
        at com.google.inject.Guice.createInjector(Guice.java:95)
        at com.google.inject.Guice.createInjector(Guice.java:72)
        at com.google.inject.Guice.createInjector(Guice.java:62)
        at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:671)
Caused by: java.lang.RuntimeException: Unable to read database password
        at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:893)
        at org.apache.ambari.server.configuration.Configuration.getDatabasePassword(Configuration.java:855)
        at org.apache.ambari.server.controller.ControllerModule.buildJpaPersistModule(ControllerModule.java:332)
        at org.apache.ambari.server.controller.ControllerModule.configure(ControllerModule.java:286)
        at com.google.inject.AbstractModule.configure(AbstractModule.java:59)
        at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:223)
        at com.google.inject.spi.Elements.getElements(Elements.java:101)
        at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)
        at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
        ... 4 more
Caused by: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
        at org.apache.commons.io.FileUtils.openInputStream(FileUtils.java:265)
        at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1457)
        at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1475)
        at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:890)
        ... 12 more
{code}




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)