You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ja...@apache.org on 2015/01/20 22:10:24 UTC
[2/2] ambari git commit: AMBARI-9222. Kerberos wizard: Property
description tweaks on configure Kerberos page. (jaimin)
AMBARI-9222. Kerberos wizard: Property description tweaks on configure Kerberos page. (jaimin)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/756a1037
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/756a1037
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/756a1037
Branch: refs/heads/trunk
Commit: 756a1037043b1ac4f400964dd8d5b2c147f4148c
Parents: 6b543ea
Author: Jaimin Jetly <ja...@hortonworks.com>
Authored: Tue Jan 20 13:07:37 2015 -0800
Committer: Jaimin Jetly <ja...@hortonworks.com>
Committed: Tue Jan 20 13:07:50 2015 -0800
----------------------------------------------------------------------
.../1.10.3-10/configuration/kerberos-env.xml | 3 +-
.../1.10.3-10/configuration/krb5-conf.xml | 42 +-
ambari-web/app/data/HDP2/site_properties.js | 8954 +++++++++---------
3 files changed, 4514 insertions(+), 4485 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/756a1037/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
index f44677f..85ae018 100644
--- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
+++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/kerberos-env.xml
@@ -40,8 +40,7 @@
<property require-input="true">
<name>create_attributes_template</name>
<description>
- A Velocity template to use to generate a JSON-formatted document containing the set of
- attribute names and values needed to create a new Kerberos identity in the relevant KDC.
+ Customizable JSON document representing the LDAP attributes needed to create a new Kerberos entity in the KDC (Velocity template engine).
</description>
<value>
{
http://git-wip-us.apache.org/repos/asf/ambari/blob/756a1037/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/krb5-conf.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/krb5-conf.xml b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/krb5-conf.xml
index c10ae73..38f6ab2 100644
--- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/krb5-conf.xml
+++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/configuration/krb5-conf.xml
@@ -23,42 +23,65 @@
<configuration>
<property>
<name>logging_default</name>
+ <description>
+ Default Kerberos library log location.
+ </description>
<value>FILE:/var/log/krb5libs.log</value>
</property>
<property>
<name>logging_kdc</name>
+ <description>
+ KDC log location.
+ </description>
<value>FILE:/var/log/krb5kdc.log</value>
</property>
<property>
<name>logging_admin_server</name>
+ <description>
+ Admin server log location.
+ </description>
<value>FILE:/var/log/kadmind.log</value>
</property>
<property>
<name>libdefaults_dns_lookup_realm</name>
+ <description>
+ If true, DNS TXT records will be used to determine the Kerberos realm of a host.
+ </description>
<value>false</value>
</property>
<property>
<name>libdefaults_dns_lookup_kdc</name>
+ <description>
+ If true, DNS SRV records will be used to locate the KDCs and other servers for the realm.
+ </description>
<value>false</value>
</property>
<property>
<name>libdefaults_ticket_lifetime</name>
+ <description>
+ Default lifetime of a ticket.
+ </description>
<value>24h</value>
</property>
<property>
<name>libdefaults_renew_lifetime</name>
+ <description>
+ Default renewable lifetime for initial tickets.
+ </description>
<value>7d</value>
</property>
<property>
<name>libdefaults_forwardable</name>
+ <description>
+ If true, initial tickets will be forwardable.
+ </description>
<value>true</value>
</property>
<property>
<name>libdefaults_default_tgs_enctypes</name>
<description>
- a space-delimited list of session key encryption types supported by the KDC or Active
- Directory
+ The supported list of session key encryption types that should be returned by the KDC.
</description>
<value>
aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5
@@ -68,8 +91,7 @@
<property>
<name>libdefaults_default_tkt_enctypes</name>
<description>
- a space-delimited list of session key encryption types supported by the KDC or Active
- Directory
+ The supported list of session key encryption types that should be requested by the client.
</description>
<value>
aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5
@@ -80,14 +102,14 @@
<property require-input="true">
<name>realm</name>
<description>
- The realm to use when creating service principals
+ The realm to use when creating Service and Ambari principals from the realms section of your /etc/krb5.conf (e.g. EXAMPLE.COM).
</description>
<value/>
</property>
<property require-input="true">
<name>domains</name>
<description>
- A comma-delimited list of domain names that the realm serves (optional)
+ A comma-seperated list of domain names used to map server hostnames to the Realm name (e.g. .example.com,example.com). This is optional
</description>
<value/>
</property>
@@ -101,16 +123,14 @@
<property require-input="true">
<name>kdc_host</name>
<description>
- The IP address or FQDN of the KDC or Active Directory server, optionally a port number may be
- provided
+ The IP address or FQDN for the KDC host. Optionally a port number may be included.
</description>
<value/>
</property>
<property>
<name>admin_server_host</name>
<description>
- The IP address or FQDN of the administrative Kerberos server, optionally a port number may be
- provided
+ The IP address or FQDN for the KDC Kerberos administrative host. Optionally a port number may be included.
</description>
<value/>
</property>
@@ -123,7 +143,7 @@
</property>
<property>
<name>content</name>
- <description>The jinja template for the krb5.conf file</description>
+ <description>Customizable krb5.conf template (Jinja template engine)</description>
<value>
[libdefaults]
renew_lifetime = {{libdefaults_renew_lifetime}}