Created on - last edited on by
ask_bill_brooks
Below is the error log after I have entered all the values.
Enable Kerberos for Cluster 1
/usr/share/cmf/bin/import_credentials.sh failed with exit code 1 and output of <<
+ export PATH=/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/bin
+ PATH=/usr/kerberos/bin:/usr/kerberos/sbin:/usr/lib/mit/sbin:/usr/sbin:/usr/lib/mit/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/bin
+ KEYTAB_OUT=/var/run/cloudera-scm-server/cmf7175218120539698971.keytab
+ USER=admin/admin@CLSECURITY.COM
+ PASSWD=REDACTED
+ KVNO=1
+ SLEEP=0
+ RHEL_FILE=/etc/redhat-release
+ '[' -f /etc/redhat-release ']'
+ set +e
+ grep Tikanga /etc/redhat-release
+ '[' 1 -eq 0 ']'
+ '[' 0 -eq 0 ']'
+ grep 'CentOS release 5' /etc/redhat-release
+ '[' 1 -eq 0 ']'
+ '[' 0 -eq 0 ']'
+ grep 'Scientific Linux release 5' /etc/redhat-release
+ '[' 1 -eq 0 ']'
+ set -e
+ '[' -z /var/run/cloudera-scm-server/krb586485986323377252.conf ']'
+ echo 'Using custom config path '\''/var/run/cloudera-scm-server/krb586485986323377252.conf'\'', contents below:'
+ cat /var/run/cloudera-scm-server/krb586485986323377252.conf
+ IFS=' '
+ read -a ENC_ARR
+ ktutil
+ for ENC in '"${ENC_ARR[@]}"'
+ echo 'addent -REDACTED -p admin/admin@CLSECURITY.COM -k 1 -e aes256-cts:normal'
+ '[' 0 -eq 1 ']'
+ echo REDACTED
+ for ENC in '"${ENC_ARR[@]}"'
+ echo 'addent -REDACTED -p admin/admin@CLSECURITY.COM -k 1 -e aes128-cts:normal'
+ '[' 0 -eq 1 ']'
+ echo REDACTED
+ for ENC in '"${ENC_ARR[@]}"'
+ echo 'addent -REDACTED -p admin/admin@CLSECURITY.COM -k 1 -e des3-hmac-sha1:normal'
+ '[' 0 -eq 1 ']'
+ echo REDACTED
+ echo 'wkt /var/run/cloudera-scm-server/cmf7175218120539698971.keytab'
addent: Bad encryption type while adding new entry
ktutil: Unknown request "REDACTED". Type "?" for a request list.
addent: Bad encryption type while adding new entry
ktutil: Unknown request "REDACTED". Type "?" for a request list.
addent: Bad encryption type while adding new entry
ktutil: Unknown request "REDACTED". Type "?" for a request list.
+ chmod 600 /var/run/cloudera-scm-server/cmf7175218120539698971.keytab
chmod: cannot access `/var/run/cloudera-scm-server/cmf7175218120539698971.keytab': No such file or directory
[root@m1 ~]# cat /etc/krb5.conf
# Configuration snippets may be placed in this directory as well
#includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
default_realm = CLSECURITY.COM
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
CLSECURITY.COM = {
kdc = m1.bigdata.com
admin_server = m1.bigdata.com
}
[domain_realm]
.clsecurity.com = CLSECURITY.COM
clsecurity.com = CLSECURITY.COM
[root@m1 ~]# cat /var/kerberos/krb5kdc/kadm5.acl
*/admin@CLSECURITY.COM *
*admin/admin@CLSECURITY.COM *
*root/admin@CLSECURITY.COM *
[root@m1 ~]#
Attached the pictures of configuration
