This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata
Release Notes - Ranger - Version 2.0.0

New Feature

  • [RANGER-2049] - Support doAs in Ranger Admin Portal / REST API
  • [RANGER-2170] - Ranger supports plugin to enable, monitor and manage Elasticsearch
  • [RANGER-2209] - Service Definition for ABFS to support Ranger Authorization
  • [RANGER-2232] - Security Zones feature in Apache Ranger
  • [RANGER-2281] - Support Trusted Proxy in ranger
  • [RANGER-2325] - Implement ranger plugin for Ozone
  • [RANGER-2331] - Ranger-KMS - KeySecure HSM Integration
  • [RANGER-2354] - Add custom condition at policy level
  • [RANGER-2414] - Enhancements to support roles in Ranger policies
  • [RANGER-2425] - Enhance ranger hive plugin to support sql role commands
  • [RANGER-2443] - Ranger UI support for access via Knox Trusted Proxy

Improvement

  • [RANGER-1715] - Enhance Ranger Hive Plugin to support authorization on Hive replication Tasks
  • [RANGER-1851] - Enhance Ranger Hive Plugin to support authorization for KILL QUERY command
  • [RANGER-1935] - Upgrade Ranger to support Apache Hadoop 3.0.0
  • [RANGER-1958] - [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger
  • [RANGER-1978] - Upgrade Jackson Databind to 2.8.11
  • [RANGER-2093] - RangerHiveAuthorizer showPrivileges should show Hive Objects ACLs from Ranger
  • [RANGER-2140] - Upgrade spring and guava libraries
  • [RANGER-2148] - Update Ranger Hive dependency version to 3.0
  • [RANGER-2151] - Update Ranger Hbase dependency version to 2.0
  • [RANGER-2153] - Supply the function of reverting policy history version.
  • [RANGER-2157] - Add NiFi Registry service definition and NiFiRegistryClient
  • [RANGER-2158] - Performance improvement to REST API call to update policies
  • [RANGER-2161] - Improvement in policy screen permission item's
  • [RANGER-2162] - Upgrade c3p0 libraries
  • [RANGER-2164] - Ranger to add default altlas policy for rangertagsync user.
  • [RANGER-2167] - Upgrade to Apache parent pom version 20
  • [RANGER-2168] - Add service admin user through service config
  • [RANGER-2169] - Create unique index on service and name column of x_policy table
  • [RANGER-2172] - Good coding practices for unix authentication Service in Ranger
  • [RANGER-2173] - Optimize Trie constuction and Policy lookup
  • [RANGER-2177] - Handle validations for duplicate configuration item during service create/edit
  • [RANGER-2181] - Code Improvement To Follow Best Practices
  • [RANGER-2184] - Update RangerAtlas authorization to authorize add/update/remove of relationships
  • [RANGER-2188] - Support multiple threads to build Trie and on-lookup post-setup for Trie nodes
  • [RANGER-2191] - Update ranger-tool with new options to control Trie
  • [RANGER-2203] - Review and update database schema for ranger policies to minimize database queries/updates
  • [RANGER-2207] - Allow resources to appear in column mask policies without being visible in access policies
  • [RANGER-2208] - Code improvement to fetch User/Group information and Service Config details
  • [RANGER-2210] - Ranger support for Apache Kafka 2.0.0
  • [RANGER-2212] - Add multiple urls tips for the ‘Kylin URL’ configuration item when creating the kylin-plugin service
  • [RANGER-2214] - Do some code improvement for the error message for KylinClient.java
  • [RANGER-2216] - Ranger Audit UI lacks the feature to search the audits using Policy Id
  • [RANGER-2218] - Service-Definition update should not allow updates to names of resources, access-types, conditions or data-masks
  • [RANGER-2221] - Apache Ranger Kafka authorizer should support new resource "DelegationToken" in Apache Kafka 2.0.0 version
  • [RANGER-2222] - Apache RangerKafkaPlugin support to handle Kafka Cluster as a new resource
  • [RANGER-2231] - Upgrade to Knox 1.1.0
  • [RANGER-2237] - Upgrade Kylin version to 2.5.0
  • [RANGER-2239] - Update to surefire 2.21.0
  • [RANGER-2243] - Provide option to ranger builds to specifically build a single plugin
  • [RANGER-2251] - Need to provide options for making java heap size memory configurable in Ranger services
  • [RANGER-2257] - Add policyID to error message when click the Access log of Audit
  • [RANGER-2258] - Improve the policy list page to prompt users when the service is disabled
  • [RANGER-2265] - To make the profile "all" to be active by default when ranger build
  • [RANGER-2266] - To make Id to ID in Audit Pages of Ranger Admin
  • [RANGER-2267] - Add a icon to differentiate the status of the service
  • [RANGER-2268] - Optimize policy and tags migration to new schema
  • [RANGER-2279] - Reduce the time spent changing passwords during Ranger Admin install
  • [RANGER-2286] - Ranger install may be prevented by leftover DB entry
  • [RANGER-2287] - Improve and optimize db_setup.py file code
  • [RANGER-2291] - Make optimized db schema script idempotent for all DB Flavors
  • [RANGER-2295] - Set specific Ranger version in patches status entry table
  • [RANGER-2296] - Enhance Ranger Audit framework to have security zone in the audit
  • [RANGER-2303] - Add kylin-plugin infomation to README.txt
  • [RANGER-2309] - Improve group search on policy edit page.
  • [RANGER-2314] - Do some code improvement for the error message in SqoopClient.java
  • [RANGER-2317] - Enable compilation on JDK11
  • [RANGER-2322] - Use "TLS" in SSLContext.getInstance
  • [RANGER-2324] - Bootstrapping Solr in Ranger service start-up
  • [RANGER-2330] - Ensure that policy/resource based searches are security-zone aware
  • [RANGER-2332] - Update Grant/Revoke API access after Security zone feature
  • [RANGER-2340] - Add Policy Version to the Ranger Audit log
  • [RANGER-2341] - Support for Incremental policy updates to improve performance of ranger-admin and plugins by optimal building of policy-engine
  • [RANGER-2345] - Upgrade Apache Solr version to 7.7.0 or later
  • [RANGER-2349] - Provide an API to download policies and tags
  • [RANGER-2351] - Implement Import / Export of Policies by Zone
  • [RANGER-2353] - Upgrade Apache Thrift Java client library to 0.12.0
  • [RANGER-2357] - Improvement on getServices API
  • [RANGER-2374] - Add refresh access type to allow sharing policies between Hive and Impala
  • [RANGER-2377] - Make solr bootstrapping configurable
  • [RANGER-2379] - Support for associating a tag service with security zone and relevant authorization logic
  • [RANGER-2382] - Improvement to Access Audit page-Add ‘agentHostname’ column to audit log table, which records IP-address/hostname of the plugin
  • [RANGER-2385] - Improvement to Audit page -> Plugin status tab
  • [RANGER-2386] - Code duplication due to RangerCredentialProvider.getCredentialString returns char[]
  • [RANGER-2387] - add public api v2 for security zones
  • [RANGER-2389] - Ranger Hive Plugin enhancement for KILL query and Replication commands authorization
  • [RANGER-2390] - Ranger should add service admin privilege support for hive service objects - LLAP command sets
  • [RANGER-2391] - Ranger authorization for ADD, COMPILE and CREATE TEMPORARY UDF operation in Hive
  • [RANGER-2392] - Create / Update zone to have provision to associate Tag based service with zone
  • [RANGER-2394] - Filter/exclude multiple users in audit search
  • [RANGER-2395] - Add presto plugin
  • [RANGER-2407] - [Best Practices] Update/Remove default header values sent from Ranger
  • [RANGER-2408] - Restrict Ranger User's capabilities according to their role
  • [RANGER-2420] - Ranger spends 36% of CPU in ObjectMapper
  • [RANGER-2424] - Track and display application id of service generating access audit on access audit page
  • [RANGER-2427] - Tag policies are not evaluated if no security zones are configured
  • [RANGER-2431] - Upgrade Atlas version to 2.0.0
  • [RANGER-2432] - Upgrade Hadoop Version to 3.1.1
  • [RANGER-2435] - Add support for sticky breadcrumbs.
  • [RANGER-2436] - Custom condition: Access from cluster
  • [RANGER-2446] - Suggestion - Include security zone details as part of admin audit for policy update
  • [RANGER-2454] - Remove the trailing slash in Ranger URL in RangerAdminJersey2RESTClient
  • [RANGER-2458] - Cluster property name changes in Ranger Plugin code
  • [RANGER-2464] - Upgrade spring, zookeeper, c3p0, jackson-databind, tomcat libraries
  • [RANGER-2465] - Create a PolicyCondition to apply if all given tags are present for the accessed resource
  • [RANGER-2466] - Improvement in setting cluster Name in RangerAccessRequest
  • [RANGER-2467] - similar to clusterName custom condition, add clusterType custom condition.
  • [RANGER-2468] - Upgrade jQuery version in Ranger.
  • [RANGER-2475] - Replacing bootstrap accordion with jquery SlideToggle.
  • [RANGER-2481] - Create a tag service when a resource service is created and link it to resource service
  • [RANGER-2482] - Ranger: use Solr API to upload config set (during bootstrapping)
  • [RANGER-2484] - Improve import API to merge the policies if resources are exactly same
  • [RANGER-2489] - Missing dependencies in assembly for Presto plugin
  • [RANGER-2490] - Add https support while using Solr API to upload config set
  • [RANGER-2494] - Ranger Custom PolicyCondition for TagsNotPresent and AnyTagPresent
  • [RANGER-2496] - Update Spring Security version to 4.2.13
  • [RANGER-2498] - Improvement to plugin status tab.
  • [RANGER-2503] - Ranger Import API should be able to override an existing policy
  • [RANGER-2506] - Add cluster name in plugin status tab.
  • [RANGER-2507] - Support for policy to implicitly deny all accesses not explicitly allowed by it
  • [RANGER-2508] - Good coding practices for concurrent policy label creation
  • [RANGER-2515] - add .gitignore for project plugin-presto and ranger-presto-plugin-shim
  • [RANGER-2517] - UI changes for policy to implicitly deny all accesses not explicitly allowed by it.
  • [RANGER-2523] - Ranger Admin debug config improvement

Bug

  • [RANGER-1738] - RangerYarnAuthorizer not compatible with Hadoop-3.0.0
  • [RANGER-1951] - build problems with the saveVersion.py script
  • [RANGER-1955] - Wrong quoting in Ranger SQL install scripts
  • [RANGER-2112] - Ranger KMS broken with JDK 8 update 171
  • [RANGER-2114] - Internal Exception: com.mysql.jdbc.MysqlDataTruncation: Data truncation: Data too long for column 'content' at row 1
  • [RANGER-2152] - Incorrect debugging information in RangerPluginClassLoader.java
  • [RANGER-2155] - Ranger Tagsync fails to Authenticate to Atlas when Tag Source set to AtlasRest in Kerberos environment
  • [RANGER-2160] - 'Email Address' search is not working properly along with other filter in user listing page,userRoles filters also needs to be improved.
  • [RANGER-2165] - Address JPA Cache issue when policies Create, Update and Delete are done via REST API in Apache Ranger admin
  • [RANGER-2166] - A ClassNotFound exception is thrown with atlasrest as a tag source
  • [RANGER-2180] - Handle token replacement correctly when token is not defined in the request context
  • [RANGER-2182] - Handle upgrade scenario since atlas-service def is added with new resources for relationship
  • [RANGER-2183] - Use INodeAttribute information to authorize HDFS access
  • [RANGER-2186] - Increment service-specific policy and tag versions after update transaction is committed
  • [RANGER-2187] - External Group search fails on Ranger UI when installed with postgres
  • [RANGER-2189] - Atlas service default policies should allow relationship operations for all
  • [RANGER-2193] - Form validation during testconnection should be consistent with service creation/editing
  • [RANGER-2195] - TagPolicy not working due to failure in updating tag policy version
  • [RANGER-2196] - Ensure that any explicit threads used by Ranger are marked as daemon threads
  • [RANGER-2197] - Delegate Admin is not able to create policy
  • [RANGER-2201] - Log no ranger audits when entityId value is not null or empty string
  • [RANGER-2204] - Ranger Admin's admin log event for changing Audit Logging of a policy doesn't show the actual changes
  • [RANGER-2213] - Tomcat Security Vulnerability Alert. The version of the tomcat for ranger should upgrade to 7.0.90.
  • [RANGER-2215] - Can't copy and paste multiple paths into Ranger Admin UI for HDFS create policy
  • [RANGER-2220] - Admin UI loads slowly because of many small JavaScript files
  • [RANGER-2224] - 'drop temporary function <udf>' command should be handled by 'global' resource and 'Temorary UDF Admin' permission.
  • [RANGER-2229] - Perform graceful terminate with retries before doing forceful kill for usersync and tagsync
  • [RANGER-2234] - Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
  • [RANGER-2235] - Modify the login session detail page as a modal.
  • [RANGER-2238] - String comparison should not use ‘==’ in ServiceUtil.java
  • [RANGER-2241] - Fix release build scripts to conform to latest Apache release guidelines - Part 2 - Remove sha1 and mds
  • [RANGER-2242] - JiSQL utility is failing Oracle UDF
  • [RANGER-2244] - Tomcat Security Vulnerability Alert. The version of the tomcat for ranger should upgrade to 7.0.91 or later.
  • [RANGER-2245] - Exclude Jetty libraries
  • [RANGER-2247] - Ranger Plugin for HDFS throws StringIndexOutOfBounds exception when policy resource is "\"
  • [RANGER-2248] - Sorting does not work in AbstractPredicateUtil.java
  • [RANGER-2250] - Service configs fields are not showing for atlas service form page
  • [RANGER-2252] - Permission "Kafka Admin" should not be part of Topic resource in Ranger Kafka resource definition
  • [RANGER-2262] - Improvement of export to excel from report listing page for Oracle database.
  • [RANGER-2263] - Remove unnecessary explicit dependency for apache commons compress jar in Ranger
  • [RANGER-2264] - Kafka default policies for new resources are not showing up in UI when upgrade is done from older version
  • [RANGER-2269] - Implement best coding practices for validating user input
  • [RANGER-2270] - Restrict tag module access to unprivileged users
  • [RANGER-2272] - Ensure that case of resource-definition names and access-type names in Ranger policy is the same as in service-definition after successful validation
  • [RANGER-2273] - Allow service admin and delegated admin user to view list of users and groups though they have 'USER' role
  • [RANGER-2275] - Make db_setup retry delay configurable
  • [RANGER-2276] - Email Address should be verified when Add New User in Ranger Admin
  • [RANGER-2277] - Kylin repository config missing "Common Name for Certificate"
  • [RANGER-2278] - Unable to delete user if he has references in new ref tables.
  • [RANGER-2280] - The emptyText of User Sync and Plugin Status should be reasonable
  • [RANGER-2282] - The error message for changing password is incorrect in User Profile page.
  • [RANGER-2283] - User is getting total count of groups even if he is assigned to one group due to which pagination is breaking
  • [RANGER-2284] - Unable to build image using docker
  • [RANGER-2288] - Sqoop repository config missing "Common Name for Certificate"
  • [RANGER-2289] - Unable to get Audit Admin tab page.
  • [RANGER-2292] - Test case fix for RANGER-2276
  • [RANGER-2294] - Front-end and back-end email address regular expression should be the same
  • [RANGER-2297] - getContentSummary validation failure
  • [RANGER-2298] - Modify JAVA_VERSION_REQUIRED to 1.8 in install.properties
  • [RANGER-2299] - Modify the permissions of the kms install.properties file to 700
  • [RANGER-2304] - Need to add property dfs.permissions.ContentSummary.subAccess when enabling Ranger HDFS plugin manually
  • [RANGER-2305] - When Audit spooling to local filesystem is enabled, log files of the component have show a wrong error message
  • [RANGER-2306] - Knox Plugin doesn't pass X-Forwarded-for remote address to Ranger
  • [RANGER-2307] - Native code can segfault or return misleading error messages
  • [RANGER-2311] - After the user profile is updated, the page still displays the original information.
  • [RANGER-2313] - tagsync fails to authenticate with ranger in kerberized cluster when using ranger-tagsync-update.sh script
  • [RANGER-2316] - Incorrect path in Quick State Guide at http://ranger.apache.org/quick_start_guide.html
  • [RANGER-2318] - Incorrect git url on the homepage
  • [RANGER-2321] - Docker build fails due to PhantomJS dependency
  • [RANGER-2326] - zoneName field is getting added with type "boolean" in Ranger Solr schema
  • [RANGER-2327] - Update Ranger db schema to use common sequence name
  • [RANGER-2328] - Time-based policies do not work correctly if access time is not set in the authorization request
  • [RANGER-2333] - Logs does not get generated for Zone Description field available on Security Zone page.
  • [RANGER-2334] - Audits: filter out service audit logs and additional users logs from user audit logs
  • [RANGER-2335] - Overlapping of 'include' toggle button on policy create/edit page.
  • [RANGER-2336] - Ranger HBase plugin should pack guava lib as a dependency.
  • [RANGER-2337] - Context-Enrichers need to clean up completely when the policy-engine is destroyed
  • [RANGER-2339] - UI changes for User role users should also have access to Security Zone
  • [RANGER-2342] - Exclude jackson jaxrs library from ranger-admin packaging
  • [RANGER-2343] - Evaluate tag policies in the same security zone as accessed resource
  • [RANGER-2344] - Ranger HBase Test failure due to Mini HBase cluster start up issue.
  • [RANGER-2347] - Restrict capabilities of security zone administrator and auditor
  • [RANGER-2350] - Ranger UI: Clicking on zone edit Breadcrumb redirect to 404 page not found
  • [RANGER-2352] - Ranger installation is failing for Oracle and Postgres DB
  • [RANGER-2355] - Reports page: policy listing to have column of Zone name
  • [RANGER-2356] - External user's email address can be edited
  • [RANGER-2359] - Show zone association with tag based service.
  • [RANGER-2367] - Hive "show grants" when Ranger is authorizer should show permission details from Ranger
  • [RANGER-2371] - Security Zone policies do not work correctly when incremental policy updates are enabled
  • [RANGER-2372] - Remove non-existing URL entries from spring config file
  • [RANGER-2373] - User creation POST and PUT response not showing groupIdList and groupNameList with expected data
  • [RANGER-2375] - RangerAuthContext is not correctly initialized
  • [RANGER-2376] - Ranger Plugin ClassLoader Doesn't Restore Thread ClassLoader
  • [RANGER-2381] - Failed to refresh policies when servicename contains space
  • [RANGER-2383] - Incorrect response when trying to delete user attached to a security zone
  • [RANGER-2384] - Get All Zones API is returning response in raw format,proper response object is required.
  • [RANGER-2396] - Inconsistency in policy operations in a disabled Ranger service
  • [RANGER-2397] - HiveServer2 fails to start with Hive Plugin for Ranger
  • [RANGER-2399] - User's listing page hits users API call twice from UI
  • [RANGER-2400] - policy name needs to be unique within security zone and service
  • [RANGER-2401] - Ranger Secuity Zone needs to be added in audit type filter in admin audit
  • [RANGER-2403] - proper error should be thrown when service part of zone being deleted
  • [RANGER-2404] - Delegate-admin permission granted by policy needs to be effective only within the zone to which the policy belongs
  • [RANGER-2405] - Evaluation of Ranger policies targeted to valid but partial resources
  • [RANGER-2406] - rangerusersync open too many session for ldap sync
  • [RANGER-2409] - Policy level condition sample matcher initialization issue
  • [RANGER-2411] - Restrict Admin role user to create Zone for KMS service
  • [RANGER-2412] - Policy Condition Evaluators existing and newly created should work in both policy level and policy item level
  • [RANGER-2413] - Python script to update rangertagsync config properties
  • [RANGER-2415] - Value of isExcludes flag needs to be considered when matching accessed resource to Ranger policy
  • [RANGER-2417] - Set Atlas Entity owner to RangerAccessResource ownerUser attribute for Atlas Ranger Plugin
  • [RANGER-2419] - Improve sql script to skip statements when atlas service def is not supported
  • [RANGER-2421] - Solr audit fails in Atlas plugin
  • [RANGER-2423] - Ranger KnoxSSO authentication in Ranger HA environment
  • [RANGER-2430] - Zoneadmin User is able to create policy for those services which is not associated to zone
  • [RANGER-2434] - Remove dependency from com.google.common.base.Objects or MoreObjects
  • [RANGER-2437] - Update grant/revoke error message to provide more information about the principal type
  • [RANGER-2438] - Legacy PublicAPI REST API to get all policies fails
  • [RANGER-2439] - Unable to view policy details from access audits when policy has policy condition at policy level
  • [RANGER-2444] - Admin logs are not getting generated when "policy level" policy condition is updated
  • [RANGER-2445] - Import of Tag based policies for zone
  • [RANGER-2449] - if service part of zone is not present then null pointer exception is thrown
  • [RANGER-2451] - Atlas plugin is not working when security zone is created for Atlas service in Ranger Admin.
  • [RANGER-2453] - Tag data-masking policy should allow only one tag as resource
  • [RANGER-2455] - When service created inside a zone landing page that service gets created in unzonned landing page.
  • [RANGER-2456] - Upgrade of Ranger Admin to the current version fails in PatchForKafkaServiceDefUpdate_J10025
  • [RANGER-2459] - [E] ranger_core_db_mysql.sql file import failed!
  • [RANGER-2463] - Ranger admin authorization audits fails intermittently to fetch from Solr
  • [RANGER-2469] - java.lang.IllegalArgumentException: More than one fragment with the name during Ranger start after RANGER-2464
  • [RANGER-2473] - Upgrade of Ranger Admin to the current version fails in PatchForAtlasResourceAndAccessTypeUpdate_J10016
  • [RANGER-2474] - Policy version and details in access audits wrong when deny condition added to policy
  • [RANGER-2478] - Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions
  • [RANGER-2479] - Change test connection preferred SQL statement for Oracle DB Flavor
  • [RANGER-2480] - Hive URL Policy doesn't match if recursive flag is on for the url resource
  • [RANGER-2485] - Security zone filter is causing Ranger audit access request waiting for longer
  • [RANGER-2487] - Resource policy names with a characters that are typically HTML escaped mutate and grow as they are saved.
  • [RANGER-2493] - Ranger takes long time to delete a service with many policies
  • [RANGER-2500] - Zone Policies not getting imported when 'updateIfExists=true' is passed through curl.
  • [RANGER-2502] - Presto plugin insert bug
  • [RANGER-2509] - Add validation message for Importing non JSON file on import action.
  • [RANGER-2511] - default tag based service is getting created for the tag based service
  • [RANGER-2513] - Unable to delete user if he has references in new ref tables.
  • [RANGER-2514] - Search field validation prompt is inconsistent with field names in audit page
  • [RANGER-2516] - Update Ranger default policies to provide entity-read access to public group
  • [RANGER-2518] - Allow service creator to delete the service
  • [RANGER-2519] - Import policy may fail if a policy exists with same guid in another service
  • [RANGER-2520] - Prevent Roles to be saved in Ranger Role Management page when user or groups are not added to the role

Test

  • [RANGER-2150] - Unit test coverage for XUserMgr and UserMgr class
  • [RANGER-2171] - Unit Test cases to cover policy operations from service admin user

Wish

Task

  • [RANGER-2198] - Remove deprecated client API from HBase plugin
  • [RANGER-2226] - Define explicit (test) dependency on json-smart in the Knox agent
  • [RANGER-2256] - Grammatical error in UI
  • [RANGER-2422] - Zone Admin and Zone Auditor can see only its associated audit access log
  • [RANGER-2452] - Release Ranger 2.0.0

Sub-task

  • [RANGER-2175] - Write install guide for Ranger Elasticsearch plugin RANGER-2170
  • [RANGER-2219] - De-normalize schema for storing tags and related objects
  • [RANGER-2260] - Atlas servicedef version change patch should update atlas access type def for tag def also.
  • [RANGER-2274] - Allow delegated admin user to view list of users and groups though they have 'USER' role
  • [RANGER-2293] - Create and update ref tables for security zone data
  • [RANGER-2310] - Record admin audits in Ranger during Create, Update and Delete operations on Zone
  • [RANGER-2320] - Make db schema patches script idempotent for all DB Flavors
  • [RANGER-2402] - Best Practices: Make db schema script idempotent
  • [RANGER-2429] - Ranger KMS is not starting properly
  • [RANGER-2477] - Ranger KnoxSSO authentication when X-Forwarded-Host header is not forwarded
  • No labels