Accueil Explorer Aide
Connexion
apache
/
ambari
miroir de https://gitee.com/freeshow_me/ambari
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

AMBARI-10508 [WinTP2] Ambari common: Ensure the child processes can be run under domain accounts

Adjusted the LogonUser parameters to allow the use of domain accounts
Florian Barca il y a 10 ans
Parent
2be054d180
commit
3fda2bcca0
2 fichiers modifiés avec 14 ajouts et 10 suppressions
Vue séparée Afficher les stats Diff
  1. 10 9
      ambari-common/src/main/python/ambari_commons/os_windows.py
  2. 4 1
      ambari-common/src/main/python/resource_management/core/providers/windows/system.py

+ 10 - 9
ambari-common/src/main/python/ambari_commons/os_windows.py
Voir le fichier 

@@ -706,23 +706,24 @@ class UserHelper(object):
 
   ACTION_FAILED = -1
 
 
   def __init__(self, userName):
 
-    self.domainName, self.dcName, self.userName = UserHelper._parse_user_name(userName)
 
+    self.domainName, self.userName = UserHelper.parse_user_name(userName)
 
+    if self.domainName:
 
+      self.dcName = win32net.NetGetDCName(None, self.domainName)
 
+    else:
 
+      self.dcName = None
 
     self._policy = win32security.LsaOpenPolicy(self.dcName,
 
                                                win32security.POLICY_CREATE_ACCOUNT | win32security.POLICY_LOOKUP_NAMES)
 
 
   @staticmethod
 
-  def _parse_user_name(userName):
 
-    dcName = None
 
-    domainName = None
 
+  def parse_user_name(userName, defDomain=None):
 
+    domainName = defDomain
 
     domainSepIndex = userName.find('\\')
 
     if domainSepIndex != -1:
 
       domainName = userName[0:domainSepIndex]
 
       userName = userName[domainSepIndex + 1:]
 
-      if domainName == '.' or domainName == win32api.GetComputerName():
 
-        domainName = None
 
-      else:
 
-        dcName = win32net.NetGetDCName(None, domainName)
 
-    return (domainName, dcName, userName)
 
+      if not domainName or domainName == '.' or domainName == win32api.GetComputerName():
 
+        domainName = defDomain
 
+    return (domainName, userName)
 
 
   def create_user(self, password, comment="Ambari user"):
 
     user_info = {}

+ 4 - 1
ambari-common/src/main/python/resource_management/core/providers/windows/system.py
Voir le fichier 

@@ -18,6 +18,7 @@ limitations under the License.
 
 Ambari Agent
 
 
 """
 
+from ambari_commons.os_windows import UserHelper
 
 
 from resource_management.core.providers import Provider
 
 from resource_management.core.logger import Logger
 
@@ -149,6 +150,8 @@ def _call_command(command, logoutput=False, cwd=None, env=None, wait_for_finish=
 
   # TODO implement timeout, wait_for_finish
 
   Logger.info("Executing %s" % (command))
 
   if user:
 
+    domain, username = UserHelper.parse_user_name(user, ".")
 
+
 
     proc_token = OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES)
 
 
     old_states = []
 
@@ -163,7 +166,7 @@ def _call_command(command, logoutput=False, cwd=None, env=None, wait_for_finish=
 
       AdjustPrivilege(proc_token, priv)
 
       QueryPrivilegeState(proc_token, priv)
 
 
-    user_token = LogonUser(user, ".", Script.get_password(user), win32con.LOGON32_LOGON_SERVICE,
 
+    user_token = LogonUser(username, domain, Script.get_password(user), win32con.LOGON32_LOGON_SERVICE,
 
                            win32con.LOGON32_PROVIDER_DEFAULT)
 
     env_token = DuplicateTokenEx(user_token, SecurityIdentification, TOKEN_QUERY, TokenPrimary)
 
     # getting updated environment for impersonated user and merge it with custom env