You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@impala.apache.org by "Tim Armstrong (Jira)" <ji...@apache.org> on 2020/12/23 21:47:01 UTC

[jira] [Resolved] (IMPALA-7072) Support Kerberos auth_to_local rules

     [ https://issues.apache.org/jira/browse/IMPALA-7072?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tim Armstrong resolved IMPALA-7072.
-----------------------------------
    Resolution: Won't Fix

See last comment - I don't think it's needed.

> Support Kerberos auth_to_local rules
> ------------------------------------
>
>                 Key: IMPALA-7072
>                 URL: https://issues.apache.org/jira/browse/IMPALA-7072
>             Project: IMPALA
>          Issue Type: New Feature
>          Components: Security
>    Affects Versions: Impala 2.12.0
>            Reporter: Sailesh Mukil
>            Priority: Major
>              Labels: kerberos
>
> On deployments that use Heimdal kerberos configured with 'auth_to_local' rules set, and with the Impala startup flag 'use_kudu_kinit'= true, the auth_to_local rules will not be respected as it's not supported with Kudu's kinit.
> The implication of this is that from Impala 2.12.0 onwards, clusters with the above configuration will not be able to use KRPC with kerberos enabled.
> A workaround is to get rid of the auth_to_local rules for such deployments.
> We need to have a good long term solution to fix this.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)