You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2015/02/27 13:28:04 UTC
[jira] [Created] (AMBARI-9827) Ambari-server setup-security
'Encrypt passwords' option does not work correctly
Dmitry Lysnichenko created AMBARI-9827:
------------------------------------------
Summary: Ambari-server setup-security 'Encrypt passwords' option does not work correctly
Key: AMBARI-9827
URL: https://issues.apache.org/jira/browse/AMBARI-9827
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.0.0
Reporter: Dmitry Lysnichenko
Assignee: Dmitry Lysnichenko
Fix For: 2.0.0
Try to encrypt passwords without saving master password and then start ambari server:
[root@c6501 ~]# ambari-server stop
Using python /usr/bin/python2.6
Stopping ambari-server
Ambari Server stopped
[root@c6501 ~]# ambari-server setup-security
Using python /usr/bin/python2.6
Security setup options...
===========================================================================
Choose one of the following options:
[1] Enable HTTPS for Ambari server.
[2] Enable HTTPS for Ganglia service.
[3] Encrypt passwords stored in ambari.properties file.
[4] Setup Ambari kerberos JAAS configuration.
===========================================================================
Enter choice, (1-4): *3*
Please provide master key for locking the credential store: *123*
Re-enter master key: *123*
Do you want to persist master key. If you choose not to persist, you need to provide the Master Key while starting the ambari server as an env variable named AMBARI_SECURITY_MASTER_KEY or the start will prompt for the master key. Persist [y/n] (y)? *n*
Adjusting ambari-server permissions and ownership...
Ambari Server 'setup-security' completed successfully.
[root@c6501 ~]# ambari-server start
Using python /usr/bin/python2.6
Starting ambari-server
Ambari Server running with administrator privileges.
Organizing resource files at /var/lib/ambari-server/resources...
Enter current Master Key:
Server PID at: /var/run/ambari-server/ambari-server.pid
Server out at: /var/log/ambari-server/ambari-server.out
Server log at: /var/log/ambari-server/ambari-server.log
Waiting for server start.........
ERROR: Exiting with exit code -1.
REASON: Ambari Server java process died with exitcode 1. Check /var/log/ambari-server/ambari-server.out for more information.
Error in ambari-server.out :
{code}
19:12:13,352 INFO [main] Configuration:597 - Credential provider creation failed. Reason: Master key initialization failed.
[root@c6501 ~]# cat /var/log/ambari-server/ambari-server.out
Feb 23, 2015 7:12:13 PM com.google.inject.internal.MessageProcessor visit
INFO: An exception was caught and reported. Message: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
java.lang.RuntimeException: Unable to read database password
at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:893)
at org.apache.ambari.server.configuration.Configuration.getDatabasePassword(Configuration.java:855)
at org.apache.ambari.server.controller.ControllerModule.buildJpaPersistModule(ControllerModule.java:332)
at org.apache.ambari.server.controller.ControllerModule.configure(ControllerModule.java:286)
at com.google.inject.AbstractModule.configure(AbstractModule.java:59)
at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:223)
at com.google.inject.spi.Elements.getElements(Elements.java:101)
at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
at com.google.inject.Guice.createInjector(Guice.java:95)
at com.google.inject.Guice.createInjector(Guice.java:72)
at com.google.inject.Guice.createInjector(Guice.java:62)
at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:671)
Caused by: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
at org.apache.commons.io.FileUtils.openInputStream(FileUtils.java:265)
at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1457)
at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1475)
at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:890)
... 12 more
Exception in thread "main" com.google.inject.CreationException: Guice creation errors:
1) An exception was caught and reported. Message: Unable to read database password
at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)
1 error
at com.google.inject.internal.Errors.throwCreationExceptionIfErrorsExist(Errors.java:435)
at com.google.inject.internal.InternalInjectorCreator.initializeStatically(InternalInjectorCreator.java:154)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:106)
at com.google.inject.Guice.createInjector(Guice.java:95)
at com.google.inject.Guice.createInjector(Guice.java:72)
at com.google.inject.Guice.createInjector(Guice.java:62)
at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:671)
Caused by: java.lang.RuntimeException: Unable to read database password
at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:893)
at org.apache.ambari.server.configuration.Configuration.getDatabasePassword(Configuration.java:855)
at org.apache.ambari.server.controller.ControllerModule.buildJpaPersistModule(ControllerModule.java:332)
at org.apache.ambari.server.controller.ControllerModule.configure(ControllerModule.java:286)
at com.google.inject.AbstractModule.configure(AbstractModule.java:59)
at com.google.inject.spi.Elements$RecordingBinder.install(Elements.java:223)
at com.google.inject.spi.Elements.getElements(Elements.java:101)
at com.google.inject.internal.InjectorShell$Builder.build(InjectorShell.java:133)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:103)
... 4 more
Caused by: java.io.FileNotFoundException: File '${alias=ambari.db.password}' does not exist
at org.apache.commons.io.FileUtils.openInputStream(FileUtils.java:265)
at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1457)
at org.apache.commons.io.FileUtils.readFileToString(FileUtils.java:1475)
at org.apache.ambari.server.configuration.Configuration.readPasswordFromFile(Configuration.java:890)
... 12 more
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)