[
https://issues.apache.org/jira/browse/KUDU-2198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Todd Lipcon updated KUDU-2198:
------------------------------
Status: In Review (was: Open)
> Allow disregarding system-wide auth-to-local mapping
> ----------------------------------------------------
>
> Key: KUDU-2198
> URL: https://issues.apache.org/jira/browse/KUDU-2198
> Project: Kudu
> Issue Type: Improvement
> Components: security
> Affects Versions: 1.6.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
>
> Per a thread on the mailing list, some users have their krb5.conf set up in
> such a way that auth_to_local mapping doesn't apply correctly to Kudu service
> accounts. This doesn't cause problems for other Java-based Hadoop ecosystem
> services, because they don't respect the localauth plugins defined in
> krb5.conf but rather use their own auth_to_local mappings defined in the
> Hadoop configuration file.
> Longer term we could support our own custom mappings, but a simple interim
> solution is just to allow using the 'simple' mapping of taking the first
> component of the principal as the short username.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
