You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Lionel Cons (JIRA)" <ji...@apache.org> on 2017/07/13 07:16:00 UTC
[jira] [Created] (ZOOKEEPER-2843) auth_to_local should support
reading rules from a file
Lionel Cons created ZOOKEEPER-2843:
--------------------------------------
Summary: auth_to_local should support reading rules from a file
Key: ZOOKEEPER-2843
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2843
Project: ZooKeeper
Issue Type: Improvement
Reporter: Lionel Cons
The current handling of {{zookeeper.security.auth_to_local}} in {{KerberosName.java}} only support rules given directly as the property value.
These rules must therefore be given on the command line and:
* must be escaped properly to avoid shell expansion
* are visible in the {{ps}} output
It would be much better to put these rules in a file and pass the file path as the property value. We would then use something like {{-Dzookeeper.security.auth_to_local=file:/etc/zookeeper/rules}}.
Note that using the {{file:}} prefix allows keeping backward compatibility.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)