Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,20 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

name: Publish

on:
Expand Down
1 change: 1 addition & 0 deletions distro/src/main/assembly/admin-web.xml
Original file line number Diff line number Diff line change
Expand Up @@ -602,6 +602,7 @@
<include>setup.sh</include>
<include>setup_authentication.sh</include>
<include>set_globals.sh</include>
<include>pg_jdbc_util.py</include>

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent build. In kms.xml we have fileMode=544, but not there

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

both packages already use 544. In admin-web.xml, pg_jdbc_util.py inherits <fileMode>544</fileMode> from the enclosing <fileSet> (same as db_setup.py and dba_script.py)

in kms.xml it is set explicitly to 544 as a standalone <file> entry

<include>db_setup.py</include>
<include>dba_script.py</include>
<include>restrict_permissions.py</include>
Expand Down
5 changes: 5 additions & 0 deletions distro/src/main/assembly/kms.xml
Original file line number Diff line number Diff line change
Expand Up @@ -500,5 +500,10 @@
<outputDirectory></outputDirectory>
<fileMode>755</fileMode>
</file>
<file>
<source>${project.parent.basedir}/security-admin/scripts/pg_jdbc_util.py</source>
<outputDirectory></outputDirectory>
<fileMode>544</fileMode>
</file>
</files>
</assembly>
6 changes: 4 additions & 2 deletions kms/scripts/db_setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
from datetime import date
import datetime
from time import gmtime, strftime
from pg_jdbc_util import build_pg_query_params
globalDict = {}

os_name = platform.system()
Expand Down Expand Up @@ -353,16 +354,17 @@ def get_jisql_cmd(self, user, password, db_name):
db_ssl_cert_param=" -Djavax.net.ssl.keyStore=%s -Djavax.net.ssl.keyStorePassword=%s -Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s -Djavax.net.ssl.trustStoreType=%s -Djavax.net.ssl.keyStoreType=%s" %(self.javax_net_ssl_keyStore,self.javax_net_ssl_keyStorePassword,self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword,self.javax_net_ssl_trustStore_type,self.javax_net_ssl_keyStore_type)
else:
db_ssl_param="?ssl=%s" %(self.db_ssl_enabled)
db_query_param = build_pg_query_params(db_ssl_param, db_host=self.host)
if is_unix:
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.db_override_jdbc_connection_string,user, password)
else:
jisql_cmd = "%s %s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_query_param,user, password)
elif os_name == "WINDOWS":
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.db_override_jdbc_connection_string,user, password)
else:
jisql_cmd = "%s %s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN,self.JAVA_OPTS,db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_query_param,user, password)
return jisql_cmd

def check_connection(self, db_name, db_user, db_password):
Expand Down
6 changes: 4 additions & 2 deletions kms/scripts/dba_script.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
from os.path import basename
from subprocess import Popen,PIPE
from datetime import date
from pg_jdbc_util import build_pg_query_params

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only build_pg_query_params is imported; the jisql JDBC URL is built using raw self.host directly, bypassing build_pg_host_segment. This function is actually used only in ranger_install.py. Either drop the unnecessary import from the 4 files where it's not used, or hook build_pg_host_segment into the jisql URL construction there too.

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

only build_pg_query_params is imported in these 4 files- intentionally
In db_setup.py/dba_script.py the host field already contains the full host:port string (stored as-is in __init__), so build_pg_host_segment would add no value:

it would just hit the if ':' in host: return host branch and return unchanged. build_pg_host_segment is needed only in ranger_install.py where host and port arrive as separate config variables and must be joined

try: input = raw_input
except NameError: pass
globalDict = {}
Expand Down Expand Up @@ -610,10 +611,11 @@ def get_jisql_cmd(self, user, password, db_name):
db_ssl_cert_param=" -Djavax.net.ssl.keyStore=%s -Djavax.net.ssl.keyStorePassword=%s -Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s " %(self.javax_net_ssl_keyStore,self.javax_net_ssl_keyStorePassword,self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword)
else:
db_ssl_param="?ssl=%s&sslfactory=org.postgresql.ssl.NonValidatingFactory" %(self.db_ssl_enabled)
db_query_param = build_pg_query_params(db_ssl_param, db_host=self.host)
if is_unix:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_query_param,user, password)
elif os_name == "WINDOWS":
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_query_param,user, password)
return jisql_cmd

def verify_user(self, root_user, db_root_password, db_user,dryMode):
Expand Down
5 changes: 4 additions & 1 deletion kms/scripts/install.properties
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,10 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
#db_host=host:port # for DB_FLAVOR=MYSQL|POSTGRES|SQLA|MSSQL #for example: db_host=localhost:3306
#db_host=host:port:SID # for DB_FLAVOR=ORACLE #for SID example: db_host=localhost:1521:ORCL
#db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE
#db_host=host:port:GL # for DB_FLAVOR=ORACLE #for TNSNAME example: db_host=localhost:1521:GL
#db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE
#db_host=host1:port1,host2:port2 # for DB_FLAVOR=POSTGRES (Patroni cluster) #for example: db_host=pg1:5432,pg2:5432
# # targetServerType=primary is added automatically for multi-host Postgres to ensure
# # DDL/migration operations connect to the Patroni leader, not a read-only replica
db_root_user=root
db_root_password=
db_host=localhost
Expand Down
31 changes: 21 additions & 10 deletions kms/scripts/setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -578,22 +578,33 @@ update_properties() {
fi
if [ "${DB_FLAVOR}" == "POSTGRES" ]
then
if [[ "${DB_HOST}" == *","* ]]; then
pg_target_server_type="targetServerType=primary"
else
pg_target_server_type=""
fi

if [ "${db_ssl_enabled}" == "true" ]
then
if test -f $db_ssl_certificate_file; then
propertyName=ranger.ks.jpa.jdbc.url
newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}?ssl=true&sslmode=verify-full&sslrootcert=${db_ssl_certificate_file}"
updatePropertyToFilePy $propertyName $newPropertyValue $to_file
if test -f "${db_ssl_certificate_file}"; then
pg_base_url="jdbc:postgresql://${DB_HOST}/${db_name}?ssl=true&sslmode=verify-full&sslrootcert=${db_ssl_certificate_file}"
else
pg_base_url="jdbc:postgresql://${DB_HOST}/${db_name}?ssl=true&sslmode=verify-full&sslfactory=org.postgresql.ssl.DefaultJavaSSLFactory"
fi
if [ -n "${pg_target_server_type}" ]; then
newPropertyValue="${pg_base_url}&${pg_target_server_type}"
else
propertyName=ranger.ks.jpa.jdbc.url
newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}?ssl=true&sslmode=verify-full&sslfactory=org.postgresql.ssl.DefaultJavaSSLFactory"
updatePropertyToFilePy $propertyName $newPropertyValue $to_file
newPropertyValue="${pg_base_url}"
fi
else
propertyName=ranger.ks.jpa.jdbc.url
newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}"
updatePropertyToFilePy $propertyName $newPropertyValue $to_file
if [ -n "${pg_target_server_type}" ]; then
newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}?${pg_target_server_type}"
else
newPropertyValue="jdbc:postgresql://${DB_HOST}/${db_name}"
fi
fi
propertyName=ranger.ks.jpa.jdbc.url
updatePropertyToFilePy $propertyName "$newPropertyValue" $to_file

propertyName=ranger.ks.jpa.jdbc.dialect
newPropertyValue="org.eclipse.persistence.platform.database.PostgreSQLPlatform"
Expand Down
6 changes: 4 additions & 2 deletions security-admin/scripts/db_setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import socket
import glob
import getpass
from pg_jdbc_util import build_pg_query_params
globalDict = {}

os_name = platform.system()
Expand Down Expand Up @@ -1008,16 +1009,17 @@ def get_jisql_cmd(self, user, password, db_name):
db_ssl_cert_param=" -Djavax.net.ssl.keyStore=%s -Djavax.net.ssl.keyStorePassword=%s -Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s -Djavax.net.ssl.trustStoreType=%s -Djavax.net.ssl.keyStoreType=%s" %(self.javax_net_ssl_keyStore,self.javax_net_ssl_keyStorePassword,self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword,self.javax_net_ssl_trustStore_type,self.javax_net_ssl_keyStore_type)
else:
db_ssl_param="?ssl=%s" %(self.db_ssl_enabled)
db_query_param = build_pg_query_params(db_ssl_param, db_host=self.host)
if is_unix:
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.db_override_jdbc_connection_string, user, password)
else:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_query_param,user, password)
elif os_name == "WINDOWS":
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.db_override_jdbc_connection_string,user, password)
else:
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_ssl_param,user, password)
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_query_param,user, password)
return jisql_cmd

def create_language_plpgsql(self,db_user, db_password, db_name):
Expand Down
20 changes: 15 additions & 5 deletions security-admin/scripts/dba_script.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
import time
try: input = raw_input
except NameError: pass
from pg_jdbc_util import build_pg_query_params
globalDict = {}

os_name = platform.system()
Expand Down Expand Up @@ -727,7 +728,7 @@ def writeDrymodeCmd(self, xa_db_host, audit_db_host, xa_db_root_user, xa_db_root

class PostgresConf(BaseDB):
# Constructor
def __init__(self, host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type):
def __init__(self, host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,is_db_override_jdbc_connection_string='false',db_override_jdbc_connection_string=''):
self.host = host.lower()
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
Expand All @@ -739,6 +740,8 @@ def __init__(self, host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_require
self.javax_net_ssl_keyStorePassword=javax_net_ssl_keyStorePassword
self.javax_net_ssl_trustStore=javax_net_ssl_trustStore
self.javax_net_ssl_trustStorePassword=javax_net_ssl_trustStorePassword
self.is_db_override_jdbc_connection_string = is_db_override_jdbc_connection_string
self.db_override_jdbc_connection_string = db_override_jdbc_connection_string

def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
Expand All @@ -755,10 +758,17 @@ def get_jisql_cmd(self, user, password, db_name):
db_ssl_cert_param=" -Djavax.net.ssl.keyStore=%s -Djavax.net.ssl.keyStorePassword=%s -Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s " %(self.javax_net_ssl_keyStore,self.javax_net_ssl_keyStorePassword,self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword)
else:
db_ssl_param="?ssl=%s&sslfactory=org.postgresql.ssl.NonValidatingFactory" %(self.db_ssl_enabled)
db_query_param = build_pg_query_params(db_ssl_param, db_host=self.host)
if is_unix:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_ssl_param,user, password)
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.db_override_jdbc_connection_string, user, password)
else:
jisql_cmd = "%s %s -cp %s:%s/jisql/lib/* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name, db_query_param,user, password)
elif os_name == "WINDOWS":
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_ssl_param,user, password)
if self.is_db_override_jdbc_connection_string == 'true' and self.db_override_jdbc_connection_string is not None and len(self.db_override_jdbc_connection_string) > 0:
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.db_override_jdbc_connection_string,user, password)
else:
jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\* org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s -u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name, db_query_param,user, password)
return jisql_cmd

def verify_user(self, root_user, db_root_password, db_user,dryMode):
Expand Down Expand Up @@ -1748,7 +1758,7 @@ def main(argv):

elif XA_DB_FLAVOR == "POSTGRES":
POSTGRES_CONNECTOR_JAR=CONNECTOR_JAR
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR, JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR, JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,is_override_db_connection_string,db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME,postgres_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME,postgres_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME,postgres_patches)
Expand Down Expand Up @@ -1789,7 +1799,7 @@ def main(argv):

elif AUDIT_DB_FLAVOR == "POSTGRES":
POSTGRES_CONNECTOR_JAR=CONNECTOR_JAR
audit_sqlObj = PostgresConf(audit_db_host,POSTGRES_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
audit_sqlObj = PostgresConf(audit_db_host,POSTGRES_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,is_override_db_connection_string,db_override_jdbc_connection_string)
audit_db_file = os.path.join(RANGER_ADMIN_HOME,postgres_audit_file)

elif AUDIT_DB_FLAVOR == "MSSQL":
Expand Down
3 changes: 3 additions & 0 deletions security-admin/scripts/install.properties
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,9 @@ SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
#db_host=host:port # for DB_FLAVOR=MYSQL|POSTGRES|SQLA|MSSQL #for example: db_host=localhost:3306
#db_host=host:port:SID # for DB_FLAVOR=ORACLE #for SID example: db_host=localhost:1521:ORCL
#db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE
#db_host=host1:port1,host2:port2 # for DB_FLAVOR=POSTGRES (Patroni cluster) #for example: db_host=pg1:5432,pg2:5432
# # targetServerType=primary is added automatically for multi-host Postgres to ensure
# # DDL/migration operations connect to the Patroni leader, not a read-only replica
db_root_user=root
db_root_password=
db_host=localhost
Expand Down
Loading
Loading