Support Questions

Find answers, ask questions, and share your expertise

restarting ambari server creating a file ambari.properties in /tmp location

avatar
Guru

Team,

I am using ambari 2.4 and hdp 2.3.4. When I restart ambari server then it is creating a duplicate copy of ambari.properties in /tmp which is not secure. So can someone please help me to find out which script is doing it and how can I disable it.

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 16.0px Menlo} span.s1 {color: #4c7aff} span.s2 {color: #ff3b1d}

[root@m1 conf]# ls -ltrh /tmp/

total 132K

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1243975442881451335

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext6393915526385492672

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1984195690767815765

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext8641365562607738757

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1515414610693529637

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext7330878179580795461

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1541464222736920443

-rw-r--r-- 1 root root 3.1K Jan 25 05:35 ehcache-sizeof-agent2983391407808801967.jar

drwxr-xr-x 3 root root 4.0K Jan 25 07:57 sqoop-root

drwxr-xr-x 2 hdfs root 4.0K Jan 31 04:50 hadoop-hdfs

drwxr-xr-x 2 zookeeper hadoop 4.0K Jan 31 04:50 hsperfdata_zookeeper

drwxr-xr-x 2 kafka hadoop 4.0K Jan 31 04:51 hsperfdata_kafka

drwxr-xr-x 3 hdfs hadoop 4.0K Jan 31 10:55 Jetty_0_0_0_0_8480_journal____.8g4awa

drwxr-xr-x 3 hdfs hadoop 4.0K Jan 31 10:56 Jetty_m1_hdp22_50070_hdfs____3u7krk

drwxr-xr-x 2 hdfs hadoop 4.0K Jan 31 10:58 hsperfdata_hdfs

drwxr-xr-x 2 solr solr 4.0K Jan 31 13:14 hsperfdata_solr

drwxr-xr-x 2 yarn hadoop 4.0K Jan 31 20:21 hsperfdata_yarn

drwxr-xr-x 4 yarn hadoop 4.0K Jan 31 20:21 Jetty_0_0_0_0_8088_cluster____u0rgz3

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext333136355251859560

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext4954089569274302233

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext744074219330931424

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext7325769951007858045

-rw------- 1 root root 125 Jan 31 20:39 masterkey

-rw-r--r-- 1 root root 7.7K Jan 31 20:49 ambari.properties.1

1 ACCEPTED SOLUTION

avatar
Super Collaborator

@Saurabh

I can see that ambari.properties.1 file is having permission only for root user and other users can only read that. That should not effect anything.

View solution in original post

6 REPLIES 6

avatar
Super Collaborator

@Saurabh

I can see that ambari.properties.1 file is having permission only for root user and other users can only read that. That should not effect anything.

avatar
Guru

@chennuri gouri shankar: This file has sensitive data if you have synced your ambari server with ldap. So we can not let it create. And changing permission is not a solution as next time when I will restart I will change permission.

avatar
Super Collaborator

amabri.properties file does not store any passwords. Is any other data classified as sensitive on your end?

avatar
Guru

@swagleWe have integrated ambari with ldap and this ambari.properties contains all required ldap details.

Sorry but my question is not like we have sensitive data or not, my question is why it is creating backup copy of this file and how we can prevent it.

avatar
Super Collaborator

The backup function is called from a couple of places and it is not a recent addition based on git history.

You can manually disable it by commenting out the copy call in the python code at:

/usr/lib/python2.6/site-packages/ambari_server/serverConfiguration.py

def backup_file_in_temp(filePath):

avatar
Guru

Thanks a lot @swagle. I have commented this backup call function and now it is not creating backup copy. Thanks once again.

# update properties in a section-less properties file

# Cannot use ConfigParser due to bugs in version 2.6

def update_properties(propertyMap):

conf_file = search_file(AMBARI_PROPERTIES_FILE, get_conf_dir())

#backup_file_in_temp(conf_file)

if propertyMap is not None and conf_file is not None:

properties = Properties()

try:

with open(conf_file, 'r') as file:

properties.load(file)

except (Exception), e:

print_error_msg('Could not read "%s": %s' % (conf_file, e))

return -1

for key in propertyMap.keys():

properties.removeOldProp(key)

properties.process_pair(key, str(propertyMap[key]))

for key in properties.keys():

if not propertyMap.has_key(key):

properties.removeOldProp(key)

with open(conf_file, 'w') as file:

properties.store_ordered(file)