Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

restarting ambari server creating a file ambari.properties in /tmp location

Labels:
avatar
author-rank SK1
Guru

Created ‎02-02-2017 07:44 AM

Team,

I am using ambari 2.4 and hdp 2.3.4. When I restart ambari server then it is creating a duplicate copy of ambari.properties in /tmp which is not secure. So can someone please help me to find out which script is doing it and how can I disable it.

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 16.0px Menlo} span.s1 {color: #4c7aff} span.s2 {color: #ff3b1d}

[root@m1 conf]# ls -ltrh /tmp/

total 132K

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1243975442881451335

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext6393915526385492672

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1984195690767815765

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext8641365562607738757

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1515414610693529637

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext7330878179580795461

drwxr-xr-x 3 root root 4.0K Jan 25 05:30 JettyContext1541464222736920443

-rw-r--r-- 1 root root 3.1K Jan 25 05:35 ehcache-sizeof-agent2983391407808801967.jar

drwxr-xr-x 3 root root 4.0K Jan 25 07:57 sqoop-root

drwxr-xr-x 2 hdfs root 4.0K Jan 31 04:50 hadoop-hdfs

drwxr-xr-x 2 zookeeper hadoop 4.0K Jan 31 04:50 hsperfdata_zookeeper

drwxr-xr-x 2 kafka hadoop 4.0K Jan 31 04:51 hsperfdata_kafka

drwxr-xr-x 3 hdfs hadoop 4.0K Jan 31 10:55 Jetty_0_0_0_0_8480_journal____.8g4awa

drwxr-xr-x 3 hdfs hadoop 4.0K Jan 31 10:56 Jetty_m1_hdp22_50070_hdfs____3u7krk

drwxr-xr-x 2 hdfs hadoop 4.0K Jan 31 10:58 hsperfdata_hdfs

drwxr-xr-x 2 solr solr 4.0K Jan 31 13:14 hsperfdata_solr

drwxr-xr-x 2 yarn hadoop 4.0K Jan 31 20:21 hsperfdata_yarn

drwxr-xr-x 4 yarn hadoop 4.0K Jan 31 20:21 Jetty_0_0_0_0_8088_cluster____u0rgz3

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext333136355251859560

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext4954089569274302233

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext744074219330931424

drwxr-xr-x 3 root root 4.0K Jan 31 20:38 JettyContext7325769951007858045

-rw------- 1 root root 125 Jan 31 20:39 masterkey

-rw-r--r-- 1 root root 7.7K Jan 31 20:49 ambari.properties.1

2,112 Views
1 ACCEPTED SOLUTION

avatar
author-rank chennuri_gouris
Super Collaborator

Created ‎02-02-2017 07:52 AM

@Saurabh

I can see that ambari.properties.1 file is having permission only for root user and other users can only read that. That should not effect anything.

View solution in original post

1,931 Views
0 Kudos
6 REPLIES 6

avatar
author-rank chennuri_gouris
Super Collaborator

Created ‎02-02-2017 07:52 AM

@Saurabh

I can see that ambari.properties.1 file is having permission only for root user and other users can only read that. That should not effect anything.

1,932 Views
0 Kudos

avatar
author-rank SK1
Guru

Created ‎02-02-2017 09:06 AM

@chennuri gouri shankar: This file has sensitive data if you have synced your ambari server with ldap. So we can not let it create. And changing permission is not a solution as next time when I will restart I will change permission.

1,931 Views
0 Kudos

avatar
author-rank sidwagle author-rank
Super Collaborator

Created ‎02-02-2017 10:44 PM

amabri.properties file does not store any passwords. Is any other data classified as sensitive on your end?

1,931 Views
0 Kudos

avatar
author-rank SK1
Guru

Created ‎02-03-2017 01:39 PM

@swagleWe have integrated ambari with ldap and this ambari.properties contains all required ldap details.

Sorry but my question is not like we have sensitive data or not, my question is why it is creating backup copy of this file and how we can prevent it.

1,931 Views
0 Kudos

avatar
author-rank sidwagle author-rank
Super Collaborator

Created ‎02-03-2017 07:01 PM

The backup function is called from a couple of places and it is not a recent addition based on git history.

You can manually disable it by commenting out the copy call in the python code at:

/usr/lib/python2.6/site-packages/ambari_server/serverConfiguration.py

def backup_file_in_temp(filePath):

1,931 Views
0 Kudos

avatar
author-rank SK1
Guru

Created ‎02-04-2017 04:00 AM

Thanks a lot @swagle. I have commented this backup call function and now it is not creating backup copy. Thanks once again.

# update properties in a section-less properties file

# Cannot use ConfigParser due to bugs in version 2.6

def update_properties(propertyMap):

conf_file = search_file(AMBARI_PROPERTIES_FILE, get_conf_dir())

#backup_file_in_temp(conf_file)

if propertyMap is not None and conf_file is not None:

properties = Properties()

try:

with open(conf_file, 'r') as file:

properties.load(file)

except (Exception), e:

print_error_msg('Could not read "%s": %s' % (conf_file, e))

return -1

for key in propertyMap.keys():

properties.removeOldProp(key)

properties.process_pair(key, str(propertyMap[key]))

for key in properties.keys():

if not propertyMap.has_key(key):

properties.removeOldProp(key)

with open(conf_file, 'w') as file:

properties.store_ordered(file)

1,931 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements