-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52775/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay
Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj,
and Velmurugan Periasamy.
Bugs: RANGER-1185
https://issues.apache.org/jira/browse/RANGER-1185
Repository: ranger
Description
-------
**Problem Statement:** If the .jceks file for a Ranger plugin in
/etc/ranger/<clustername>_<servicename> becomes corrupted or zero length, The
Ranger plugin for the service is not able to synchronise policy changes. the
file is not rebuilt when the service in question is restarted.
**Proposed Solution:** If .jceks file is of zero size then delete and recreate
the jceks file.
Diffs
-----
credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
e21d01e
Diff: https://reviews.apache.org/r/52775/diff/
Testing
-------
**STEPS TO REPRODUCE:**
* Start with a working Ranger install with SSL enabled and Ranger plugin
enabled for at least one service (e.g. hdfs)
* cat /dev/null > /etc/ranger/hadoopdev/cred.jceks
* Restart HDFS
* cred.jceks file is not rebuilt and Ranger HDFS plugin will fail.
**Steps Performed(with patch):**
1. Installed ranger-admin from Build having changed of proposed patch.
2. Started Ranger and enabled hdfs plugin. plugin was able to communicate to
Ranger.
3. Stopped the hdfs
4. executed command : cat /dev/null > /etc/ranger/hadoopdev/cred.jceks
5. ls -ltr /etc/ranger/hadoopdev/cred.jceks
6. Started hdfs and enabled the hdfs plugin.
7. Ranger hdfs was started and plugin was able to communicate and download the
policy from Ranger admin
8. ls -ltr /etc/ranger/hadoopdev/cred.jceks
Thanks,
Pradeep Agrawal
