# Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # This file provides a list of the deployment variables for the Policy Manager Web Application # #------------------------- DB CONFIG - BEGIN ---------------------------------- # Uncomment the below if the DBA steps need to be run separately #setup_mode=SeparateDBA PYTHON_COMMAND_INVOKER=python #DB_FLAVOR=MYSQL|ORACLE|POSTGRES|MSSQL|SQLA DB_FLAVOR=MSSQL # # # Location of DB client library (please check the location of the jar file) # #SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar #SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar #SQL_CONNECTOR_JAR=/usr/share/java/postgresql.jar SQL_CONNECTOR_JAR=/usr/share/java/sqljdbc42.jar #SQL_CONNECTOR_JAR=/opt/sqlanywhere17/java/sajdbc4.jar #SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar # # DB password for the DB admin user-id # ************************************************************************** # ** If the password is left empty or not-defined here, # ** it will try with blank password during installation process # ************************************************************************** # #db_root_user=root|SYS|postgres|sa|dba #db_host=host:port # for DB_FLAVOR=MYSQL|POSTGRES|SQLA|MSSQL #for example: db_host=localhost:3306 #db_host=host:port:SID # for DB_FLAVOR=ORACLE #for SID example: db_host=localhost:1521:ORCL #db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE db_root_user=sa db_root_password=D0gmat1c db_host=localhost #SSL config db_ssl_enabled=false db_ssl_required=false db_ssl_verifyServerCertificate=false javax_net_ssl_keyStore= javax_net_ssl_keyStorePassword= javax_net_ssl_trustStore= javax_net_ssl_trustStorePassword= # # DB UserId used for the Ranger schema # db_name=ranger db_user=rangeradmin db_password=Rangeradm1n #Source for Audit Store #audit_store=solr|db # * audit_store is solr audit_store=solr # * audit_solr_url URL to Solr. E.g. http://:6083/solr/ranger_audits audit_solr_urls=http://mssql-compute-pool-master-0.service-master.default.svc.cluster.local:8983/solr/ranger_audits audit_solr_user=solruser audit_solr_password=solruser audit_solr_zookeepers= #audit_db_name= #audit_db_user= #audit_db_password= #------------------------- DB CONFIG - END ---------------------------------- # # ------- PolicyManager CONFIG ---------------- # policymgr_external_url=http://mssql-compute-pool-master-0.service-master.default.svc.cluster.local:6080 policymgr_http_enabled=true policymgr_https_keystore_file= policymgr_https_keystore_keyalias=rangeradmin policymgr_https_keystore_password= #Add Supported Components list below separated by semi-colon, default value is empty string to support all components #Example : policymgr_supportedcomponents=hive,hbase,hdfs policymgr_supportedcomponents= # # ------- PolicyManager CONFIG - END --------------- # # # ------- UNIX User CONFIG ---------------- # unix_user=root unix_group=root # # ------- UNIX User CONFIG - END ---------------- # # # # UNIX authentication service for Policy Manager # # PolicyManager can authenticate using UNIX username/password # The UNIX server specified here as authServiceHostName needs to be installed with ranger-unix-ugsync package. # Once the service is installed on authServiceHostName, the UNIX username/password from the host can be used to login into policy manager # # ** The installation of ranger-unix-ugsync package can be installed after the policymanager installation is finished. # #LDAP|ACTIVE_DIRECTORY|UNIX|NONE authentication_method=LDAP remoteLoginEnabled=true authServiceHostName=localhost authServicePort=5151 ranger_unixauth_keystore=keystore.jks ranger_unixauth_keystore_password=password ranger_unixauth_truststore=cacerts ranger_unixauth_truststore_password=changeit ####LDAP settings - Required only if have selected LDAP authentication #### # # Sample Settings # #xa_ldap_url=ldap://127.0.0.1:389 #xa_ldap_userDNpattern=uid={0},ou=users,dc=xasecure,dc=net #xa_ldap_groupSearchBase=ou=groups,dc=xasecure,dc=net #xa_ldap_groupSearchFilter=(member=uid={0},ou=users,dc=xasecure,dc=net) #xa_ldap_groupRoleAttribute=cn #xa_ldap_base_dn=dc=xasecure,dc=net #xa_ldap_bind_dn=cn=admin,ou=users,dc=xasecure,dc=net #xa_ldap_bind_password= #xa_ldap_referral=follow|ignore #xa_ldap_userSearchFilter=(uid={0}) xa_ldap_url=ldap://localhost:33389 xa_ldap_userDNpattern=uid={0},ou=people,dc=hadoop,dc=apache,dc=org xa_ldap_groupSearchBase=ou=groups,dc=hadoop,dc=apache,dc=org xa_ldap_groupSearchFilter=(member=uid={0},ou=people,dc=hadoop,dc=apache,dc=org) xa_ldap_groupRoleAttribute=cn xa_ldap_base_dn=dc=hadoop,dcapache,dc=org xa_ldap_bind_dn=uid=admin,ou=people,dc=hadoop,dc=apache,dc=org xa_ldap_bind_password=admin-password xa_ldap_referral=ignore xa_ldap_userSearchFilter=(uid={0}) ####ACTIVE_DIRECTORY settings - Required only if have selected AD authentication #### # # Sample Settings # #xa_ldap_ad_domain=xasecure.net #xa_ldap_ad_url=ldap://127.0.0.1:389 #xa_ldap_ad_base_dn=dc=xasecure,dc=net #xa_ldap_ad_bind_dn=cn=administrator,ou=users,dc=xasecure,dc=net #xa_ldap_ad_bind_password= #xa_ldap_ad_referral=follow|ignore #xa_ldap_ad_userSearchFilter=(sAMAccountName={0}) xa_ldap_ad_domain= xa_ldap_ad_url= xa_ldap_ad_base_dn= xa_ldap_ad_bind_dn= xa_ldap_ad_bind_password= xa_ldap_ad_referral= xa_ldap_ad_userSearchFilter= #------------ Kerberos Config ----------------- spnego_principal= spnego_keytab= token_valid=30 cookie_domain= cookie_path=/ admin_principal= admin_keytab= lookup_principal= lookup_keytab= hadoop_conf=$HADOOP_CONF_DIR # #-------- SSO CONFIG - Start ------------------ # sso_enabled=false sso_providerurl=https://127.0.0.1:8443/gateway/knoxsso/api/v1/websso sso_publickey= # #-------- SSO CONFIG - END ------------------ # Custom log directory path RANGER_ADMIN_LOG_DIR=/usr/hdp/2.6.0.3-8/ranger-admin # PID file path RANGER_PID_DIR_PATH=/var/run/ranger # ################# DO NOT MODIFY ANY VARIABLES BELOW ######################### # # --- These deployment variables are not to be modified unless you understand the full impact of the changes # ################################################################################ XAPOLICYMGR_DIR=$PWD app_home=$PWD/ews/webapp TMPFILE=$PWD/.fi_tmp LOGFILE=$PWD/logfile LOGFILES="$LOGFILE" JAVA_BIN='java' JAVA_VERSION_REQUIRED='1.7' JAVA_ORACLE='Java(TM) SE Runtime Environment' #mysql_create_user_file=${PWD}/db/mysql/create_dev_user.sql mysql_core_file=db/mysql/xa_core_db.sql mysql_audit_file=db/mysql/xa_audit_db.sql #mysql_asset_file=${PWD}/db/mysql/reset_asset.sql #oracle_create_user_file=${PWD}/db/oracle/create_dev_user_oracle.sql oracle_core_file=db/oracle/xa_core_db_oracle.sql oracle_audit_file=db/oracle/xa_audit_db_oracle.sql #oracle_asset_file=${PWD}/db/oracle/reset_asset_oracle.sql # postgres_core_file=db/postgres/xa_core_db_postgres.sql postgres_audit_file=db/postgres/xa_audit_db_postgres.sql sqlserver_core_file=db/sqlserver/xa_core_db_sqlserver.sql sqlserver_audit_file=db/sqlserver/xa_audit_db_sqlserver.sql # sqlanywhere_core_file=db/sqlanywhere/xa_core_db_sqlanywhere.sql sqlanywhere_audit_file=db/sqlanywhere/xa_audit_db_sqlanywhere.sql cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangeradmin.jceks