vor 10 Jahren · afe427a0f5
--- a/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
+++ b/ambari-common/src/main/python/resource_management/libraries/functions/setup_ranger_plugin_xml.py
@@ -121,7 +121,7 @@ def setup_ranger_plugin(component_select_name, service_name,
 
				 
			
 
				     setup_ranger_plugin_keystore(service_name, audit_db_is_enabled, hdp_version, credential_file,
			
 
				               xa_audit_db_password, ssl_truststore_password, ssl_keystore_password,
			
 
				-              component_user, component_group)
			
 
				+              component_user, component_group, java_home)
			
 
				 
			
 
				   else:
			
 
				     File(format('{component_conf_dir}/ranger-security.xml'),
			
@@ -141,20 +141,20 @@ def setup_ranger_plugin_jar_symblink(hdp_version, service_name, component_list):
 
				       sudo=True)
			
 
				 
			
 
				 def setup_ranger_plugin_keystore(service_name, audit_db_is_enabled, hdp_version, credential_file, xa_audit_db_password,
			
 
				-                                ssl_truststore_password, ssl_keystore_password, component_user, component_group):
			
 
				+                                ssl_truststore_password, ssl_keystore_password, component_user, component_group, java_home):
			
 
				 
			
 
				   cred_lib_path = format('/usr/hdp/{hdp_version}/ranger-{service_name}-plugin/install/lib/*')
			
 
				   cred_setup_prefix = format('python /usr/hdp/{hdp_version}/ranger-{service_name}-plugin/ranger_credential_helper.py -l "{cred_lib_path}"')
			
 
				 
			
 
				   if audit_db_is_enabled:
			
 
				     cred_setup = format('{cred_setup_prefix} -f {credential_file} -k "auditDBCred" -v "{xa_audit_db_password}" -c 1')
			
 
				-    Execute(cred_setup, logoutput=True)
			
 
				+    Execute(cred_setup, environment={'JAVA_HOME': java_home}, logoutput=True)
			
 
				 
			
 
				   cred_setup = format('{cred_setup_prefix} -f {credential_file} -k "sslKeyStore" -v "{ssl_keystore_password}" -c 1')
			
 
				-  Execute(cred_setup, logoutput=True)
			
 
				+  Execute(cred_setup, environment={'JAVA_HOME': java_home}, logoutput=True)
			
 
				 
			
 
				   cred_setup = format('{cred_setup_prefix} -f {credential_file} -k "sslTrustStore" -v "{ssl_truststore_password}" -c 1')
			
 
				-  Execute(cred_setup, logoutput=True)
			
 
				+  Execute(cred_setup, environment={'JAVA_HOME': java_home}, logoutput=True)
			
 
				 
			
 
				   File(credential_file,
			
 
				     owner = component_user,
			
--- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
+++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py
@@ -128,13 +128,13 @@ def do_keystore_setup():
 
				     jceks_path = params.ranger_credential_provider_path
			
 
				     cred_setup = format('{cred_setup_prefix} -f {jceks_path} -k "{ranger_jpa_jdbc_credential_alias}" -v "{ranger_ambari_db_password}" -c 1')
			
 
				 
			
 
				-    Execute(cred_setup, logoutput=True)
			
 
				+    Execute(cred_setup, environment={'RANGER_ADMIN_HOME':params.ranger_home, 'JAVA_HOME': params.java_home}, logoutput=True)
			
 
				 
			
 
				   if not is_empty(params.ranger_credential_provider_path) and (params.ranger_audit_source_type).lower() == 'db' and not is_empty(params.ranger_ambari_audit_db_password):
			
 
				     jceks_path = params.ranger_credential_provider_path
			
 
				     cred_setup = format('{cred_setup_prefix} -f {jceks_path} -k "{ranger_jpa_audit_jdbc_credential_alias}" -v "{ranger_ambari_audit_db_password}" -c 1')
			
 
				 
			
 
				-    Execute(cred_setup, logoutput=True)
			
 
				+    Execute(cred_setup, environment={'RANGER_ADMIN_HOME':params.ranger_home, 'JAVA_HOME': params.java_home}, logoutput=True)
			
 
				 
			
 
				     File(params.ranger_credential_provider_path,
			
 
				       owner = params.unix_user,
			
@@ -167,13 +167,13 @@ def setup_usersync():
 
				   cred_lib = os.path.join(params.usersync_home,"lib","*")
			
 
				 
			
 
				   cred_setup = format('python {ranger_home}/ranger_credential_helper.py -l "{cred_lib}" -f {ugsync_jceks_path} -k "usersync_ssl_key_password" -v "{ranger_usersync_keystore_password}" -c 1')
			
 
				-  Execute(cred_setup, logoutput=True)
			
 
				+  Execute(cred_setup, environment={'RANGER_ADMIN_HOME':params.ranger_home, 'JAVA_HOME': params.java_home}, logoutput=True)
			
 
				 
			
 
				   cred_setup = format('python {ranger_home}/ranger_credential_helper.py -l "{cred_lib}" -f {ugsync_jceks_path} -k "ranger.usersync.ldap.bindalias" -v "{ranger_usersync_ldap_ldapbindpassword}" -c 1')
			
 
				-  Execute(cred_setup, logoutput=True)
			
 
				+  Execute(cred_setup, environment={'RANGER_ADMIN_HOME':params.ranger_home, 'JAVA_HOME': params.java_home}, logoutput=True)
			
 
				 
			
 
				   cred_setup = format('python {ranger_home}/ranger_credential_helper.py -l "{cred_lib}" -f {ugsync_jceks_path} -k "usersync.ssl.truststore.password" -v "{ranger_usersync_truststore_password}" -c 1')
			
 
				-  Execute(cred_setup, logoutput=True)
			
 
				+  Execute(cred_setup, environment={'RANGER_ADMIN_HOME':params.ranger_home, 'JAVA_HOME': params.java_home}, logoutput=True)
			
 
				 
			
 
				   File(params.ugsync_jceks_path,
			
 
				        owner = params.unix_user,