You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by dm...@apache.org on 2018/09/19 15:18:39 UTC
[ambari] branch branch-2.7 updated: AMBARI-24663. 'ambari-server
setup' does not use AMBARI_SECURITY_MASTER_KEY env var (dlysnichenko)
(#2346)
This is an automated email from the ASF dual-hosted git repository.
dmitriusan pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new 8d145e0 AMBARI-24663. 'ambari-server setup' does not use AMBARI_SECURITY_MASTER_KEY env var (dlysnichenko) (#2346)
8d145e0 is described below
commit 8d145e0c04917866fd76690688826cf44065370e
Author: Lisnichenko Dmitro <dm...@apache.org>
AuthorDate: Wed Sep 19 18:18:30 2018 +0300
AMBARI-24663. 'ambari-server setup' does not use AMBARI_SECURITY_MASTER_KEY env var (dlysnichenko) (#2346)
---
.../python/ambari_server/serverConfiguration.py | 45 ++++++++++++----------
1 file changed, 25 insertions(+), 20 deletions(-)
diff --git a/ambari-server/src/main/python/ambari_server/serverConfiguration.py b/ambari-server/src/main/python/ambari_server/serverConfiguration.py
index 005966c..ce27a9b 100644
--- a/ambari-server/src/main/python/ambari_server/serverConfiguration.py
+++ b/ambari-server/src/main/python/ambari_server/serverConfiguration.py
@@ -1017,19 +1017,8 @@ def get_web_server_startup_timeout(properties):
def get_original_master_key(properties, options = None):
input = True
masterKey = None
+ env_master_key = os.environ.get(SECURITY_KEY_ENV_VAR_NAME)
while(input):
- try:
- if options is not None and hasattr(options, 'master_key') and options.master_key is not None and options.master_key:
- masterKey = options.master_key
- if masterKey is None:
- masterKey = get_validated_string_input('Enter current Master Key: ',
- "", ".*", "", True, False)
- if options is not None:
- options.master_key = masterKey
- except KeyboardInterrupt:
- print_warning_msg('Exiting...')
- sys.exit(1)
-
# Find an alias that exists
alias = None
property = properties.get_property(JDBC_PASSWORD_PROPERTY)
@@ -1047,14 +1036,30 @@ def get_original_master_key(properties, options = None):
alias = SSL_TRUSTSTORE_PASSWORD_ALIAS
# Decrypt alias with master to validate it, if no master return
- if alias and masterKey:
- password = read_passwd_for_alias(alias, masterKey, options)
- if not password:
- masterKey = None
- if options is not None:
- options.master_key = None
- print_error_msg ("ERROR: Master key does not match.")
- continue
+ password = None
+ if alias and env_master_key and env_master_key is not "" and env_master_key != "None":
+ password = read_passwd_for_alias(alias, env_master_key, options)
+ if not password:
+ try:
+ if options is not None and hasattr(options, 'master_key') and options.master_key is not None and options.master_key:
+ masterKey = options.master_key
+ if masterKey is None or masterKey == "":
+ masterKey = get_validated_string_input('Enter current Master Key: ',
+ "", ".*", "", True, False)
+ if options is not None:
+ options.master_key = masterKey
+ except KeyboardInterrupt:
+ print_warning_msg('Exiting...')
+ sys.exit(1)
+ if alias and masterKey:
+ password = read_passwd_for_alias(alias, masterKey, options)
+ if not password:
+ masterKey = None
+ if options is not None:
+ options.master_key = None
+ print_error_msg ("ERROR: Master key does not match")
+
+ continue
input = False