[jira] [Resolved] (KUDU-2717) Add an environment variable for username override in non-secure clusters

Grant Henke (JIRA) Thu, 06 Jun 2019 07:45:52 -0700


     [ 
https://issues.apache.org/jira/browse/KUDU-2717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Grant Henke resolved KUDU-2717.
-------------------------------
       Resolution: Fixed
         Assignee: Todd Lipcon
    Fix Version/s: 1.10.0

Resolved via [https://github.com/apache/kudu/commit/20a3976d7]

> Add an environment variable for username override in non-secure clusters
> ------------------------------------------------------------------------
>
>                 Key: KUDU-2717
>                 URL: https://issues.apache.org/jira/browse/KUDU-2717
>             Project: Kudu
>          Issue Type: Improvement
>          Components: security, util
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Major
>             Fix For: 1.10.0
>
>
> If a cluster isn't secure, then using the current Unix username isn't a 
> strong identity. However, we still perform authorization based on that 
> username. This makes it inconvenient to run tools like 'ksck' from a regular 
> user account -- you end up needing to 'sudo -u kudu' before doing so, and if 
> running from a remote machine there might not even be such a user.
> Given that the local username isn't a strong identity anyways (someone could 
> always recompile kudu or use LD_PRELOAD to override it), let's provide an 
> environment variable KUDU_USER_NAME that can perform a similar override.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KUDU-2717) Add an environment variable for username override in non-secure clusters

Reply via email to