New Feature

  • [RANGER-676] - Audit logging to Elasticsearch
  • [RANGER-1784] - Presto Ranger integration
  • [RANGER-2052] - Ranger admin supports high availability
  • [RANGER-2393] - Document level authorization for solr
  • [RANGER-2497] - Support Azure Key Vault for storing master keys of Ranger KMS
  • [RANGER-2625] - Plugin capability/compatibility model
  • [RANGER-2683] - Kudu Ranger Integration
  • [RANGER-2697] - Retrieve additional user/group attributes from AD/LDAP and rest API to download this information
  • [RANGER-2723] - Support multi-field attribute based document level controls for Solr
  • [RANGER-2748] - Schema Registry Ranger Plugin
  • [RANGER-2862] - Ranger Client Libraries (Java) For REST Services
  • [RANGER-2863] - Ranger UI Improvement.
  • [RANGER-2897] - Update jQuery version.
  • [RANGER-2900] - Include policy priority in policy details popup on access auidts page
  • [RANGER-2927] - Ranger Client Libraries (Python) For REST Services

Improvement

  • [RANGER-785] - Ranger plugins should support a formal notion of super user
  • [RANGER-837] - Fix Maven Assembly
  • [RANGER-2510] - Support for Incremental tag updates to improve performance
  • [RANGER-2528] - Export API to get zone, unzone as well as tag based policies from Ranger.
  • [RANGER-2535] - Good coding practices for storing and retrieving data history in ranger
  • [RANGER-2542] - Similar to RANGER-2515, add .gitignore for project plugin-ozone and ranger-ozone-plugin-shim
  • [RANGER-2550] - Increase sort_order field length of all the tables
  • [RANGER-2551] - Optimize obtaining the agentHostname of audit log
  • [RANGER-2555] - Enhancements in Ranger plugins to support Ranger HA without load-balancer
  • [RANGER-2561] - add functionality in ranger to get default policy groups list from service config while creation of service and add that group to policies in that service
  • [RANGER-2571] - Need to add Knox proxy configuration support in Ranger plugins
  • [RANGER-2575] - Java 11 Support for Ranger
  • [RANGER-2584] - Disable deny and exceptions in policies for NiFi
  • [RANGER-2588] - Integrate Apache maven checkstyle plugin to Ranger
  • [RANGER-2589] - Introduce Ranger API to return Ranger's JVM resource status metric
  • [RANGER-2590] - add displayName attribute to service-def and service
  • [RANGER-2591] - Need changes for usersync(unix/ldap) to support HA without load balancer.
  • [RANGER-2592] - Enhancements in Ranger usersync to support Ranger HA without load-balancer
  • [RANGER-2594] - Improve policy validation performance during delete
  • [RANGER-2595] - Improve policy delete performance using batch delete
  • [RANGER-2599] - Add more audit data to HBase grant/revoke events
  • [RANGER-2607] - Disable deny and exceptions in policies for NiFi Registry
  • [RANGER-2608] - Create profile for building only security-admin assemby
  • [RANGER-2627] - Upgrade Apache commons-beanutils to 1.9.4
  • [RANGER-2632] - Record additional Active Directory attributes in Ranger DB
  • [RANGER-2636] - Allow NiFi Client to use default SSLContext
  • [RANGER-2639] - XUserService has duplicate db query in when populateViewBean for XXUser
  • [RANGER-2643] - Use JPA/JDBC batching during policy creation
  • [RANGER-2646] - Refactor: replace references to static configuration instance
  • [RANGER-2651] - Improve performance of building and querying RangerResourceTrie
  • [RANGER-2652] - Refactor policy engine
  • [RANGER-2653] - Refactor product code to move out APIs used only by test code
  • [RANGER-2654] - refactor RangerBasePlugins to remove static servicePluginsMap
  • [RANGER-2657] - Upgrade Hive version from 3.1 to 3.1.2
  • [RANGER-2662] - Upgrade Kylin version to 2.6.4
  • [RANGER-2663] - Add elasticsearch-plugin infomation to README.txt
  • [RANGER-2666] - Rename matchType and matchScope enumerators to more descriptive names
  • [RANGER-2668] - Remove tag service linking for any service created in Ranger KMS
  • [RANGER-2669] - Blacklist for Ranger Audits
  • [RANGER-2674] - Allow service admins to manage tag policies
  • [RANGER-2682] - Add new authorization privilege - "admin-purge" in Ranger-Atlas service.
  • [RANGER-2686] - Upgrade Tomcat version to 7.0.99 in Ranger
  • [RANGER-2695] - Default displayName for ServiceDef
  • [RANGER-2699] - JVM metrics for Ranger usersync and Ranger tagsync
  • [RANGER-2700] - creating service sometimes fails because SecureRandom.getInstanceStrong() is often blocked
  • [RANGER-2701] - Improve Logging mechanism for Ranger KMS
  • [RANGER-2706] - usermapsyncenabled can be removed from code
  • [RANGER-2711] - "Service display Name" attribute on all tabs in Ranger
  • [RANGER-2712] - Revisit privileges for rangerlookup user in default policies
  • [RANGER-2721] - README.txt shows incorrect build command
  • [RANGER-2724] - Support EXECUTE permission in HBase Authorisation
  • [RANGER-2725] - Improve the Checkstyle integration from RANGER-2588
  • [RANGER-2734] - update Ranger authorizer for Atlas to support new operations
  • [RANGER-2741] - Fix typo in solr_for_audit_setup
  • [RANGER-2744] - Add response header in login.jsp page
  • [RANGER-2746] - Handle display name for upgrade scenario
  • [RANGER-2753] - Optimize populating user group mappings from DB.
  • [RANGER-2754] - Update presto dependency and implement row/column level security
  • [RANGER-2758] - Option to create missing users/groups while creating/updating roles
  • [RANGER-2759] - Migrate Python scripts to Python 3
  • [RANGER-2766] - enable implementations of RangerAccessResourceImpl to provide custom stringified value
  • [RANGER-2768] - Ranger audit UI updates to render action field.
  • [RANGER-2770] - Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)
  • [RANGER-2772] - Adding the functionality of merging the policy
  • [RANGER-2779] - update tag-sync to process Atlas notifications for ADLS-Gen2 entities
  • [RANGER-2780] - Ranger plugins should support audit-exclude users
  • [RANGER-2783] - Add schema registry service def to be registered by default on start of Ranger
  • [RANGER-2787] - Upgrade presto version to 331
  • [RANGER-2791] - Ignore .iml files from RAT check for schema-registry plugin
  • [RANGER-2796] - Ranger Reports page to show user + groups policies for user based search
  • [RANGER-2808] - Service Name must not allow spaces in newly created services
  • [RANGER-2811] - Ranger should keep trying to create collection in solr until its successfully created
  • [RANGER-2825] - Fix PMD issues
  • [RANGER-2826] - Update Presto Plugin to support PrestoSql 333
  • [RANGER-2829] - support to specify super-users/groups and audit-exclude-users/groups via plugin config
  • [RANGER-2834] - Upgrade Ranger to support Elasticsearch 7.6.0
  • [RANGER-2842] - RangerDefaultRequestProcessor preProcess overrides clusterName, clusterType
  • [RANGER-2843] - Privilege filteration is required for ranger lookup user for Nifi and Nifi Registry
  • [RANGER-2849] - Allow Ranger to be configurable to not disclose server version
  • [RANGER-2850] - Add javax.annotation to Presto plugin to ensure java 11 support
  • [RANGER-2851] - Remove caret M characters from ranger files
  • [RANGER-2852] - Add .gitattributes file to prevent CRLF and LF mismatches for source and text files
  • [RANGER-2854] - Make audit bootstrap property configurable
  • [RANGER-2861] - Support username and keytab to authenticate ES service to use as an Ranger Audit Store
  • [RANGER-2867] - Update Spring Security framework for Ranger
  • [RANGER-2887] - Upgrade Tomcat to 7.0.104
  • [RANGER-2888] - Upgrade Spring framework to version 4.3.27.RELEASE
  • [RANGER-2890] - Add missing log4j properties for audit log
  • [RANGER-2896] - show grant not display grant_time in hive plugin
  • [RANGER-2902] - Add policy id to the list of filters in Access Audit Tab
  • [RANGER-2904] - Add appopriate warning messages when updates to in-memory policy cache encounter unexpected conditions
  • [RANGER-2908] - Upgrade jackson version to 2.10.3
  • [RANGER-2916] - Get rid of POM model related warnings in Ranger build output
  • [RANGER-2920] - Improvement in DB scripts for handling upgrade scenario for MS-SQL
  • [RANGER-2923] - Changing data type of sync_source_info column to accommodate more characters
  • [RANGER-2925] - Ranger UI - third party library version upgrades part 1
  • [RANGER-2935] - Upgrade joda-time to 2.10.6
  • [RANGER-2939] - Search functionality with Cluster name is not working on Audit>>Access and Plugins tab
  • [RANGER-2949] - Upgrade Tomcat to 7.0.105
  • [RANGER-2960] - Docker setup to build Ranger
  • [RANGER-2961] - Docker setup to run Ranger Admin
  • [RANGER-2966] - Upgrade POI to 4.1.2
  • [RANGER-2969] - Docker setup to run Ranger enabled HDFS
  • [RANGER-2970] - HBase plugin package - remove duplicate libraries, add missing library
  • [RANGER-2971] - Docker setup to run Ranger enabled HBase
  • [RANGER-2974] - Docker setup to run Ranger enabled Kafka
  • [RANGER-2975] - Docker setup to run Ranger enabled YARN
  • [RANGER-2980] - Update Ranger build to generate one type of archive only - .tar.gz

Bug

  • [RANGER-332] - Ranger Plugin config to support policy manager URLs
  • [RANGER-2109] - Ranger mysql db does not allow creation of many service definitions
  • [RANGER-2378] - KeySecure HSM Integration is not compatible with Java9
  • [RANGER-2483] - Presto plugin uses /presto/plugins instead of /presto/plugin
  • [RANGER-2499] - Improve bulk create/update policy performance
  • [RANGER-2512] - RangerRolesRESTClient for serving user group roles to the plugins for evaluation
  • [RANGER-2526] - Log does not get generated for "Deny All Other Accesses" toggle button available on Policy page.
  • [RANGER-2527] - UI Improvement for Roles create update and delete log on Audit -> Admin Tab.
  • [RANGER-2529] - Create index on obj_id and obj_class_type column of x_data_hist table
  • [RANGER-2530] - Constant increase in memory usage by ranger-usersync process and eventually going out of memory
  • [RANGER-2531] - Removing a user from a group is not reflected properly in unix based sync.
  • [RANGER-2533] - After setting 'xasecure.audit.is.enabled' to 'false', the audit log is still logged
  • [RANGER-2534] - Official logo for Apache Ranger
  • [RANGER-2536] - Ranger Hive authorizer enhancement to enable Hive policies based on resource owners
  • [RANGER-2537] - Ranger KMS having wrong bit length and version in DB after after export / import within keystore file
  • [RANGER-2538] - Ranger policy import calls via knox trusted proxy failing
  • [RANGER-2539] - Create Default Policies for Hive Databases -default, Information_schema
  • [RANGER-2543] - Delete service def request is failing
  • [RANGER-2544] - Ranger Owner Policy not getting honored for SELECT * queries.
  • [RANGER-2546] - Replace hard-coded 'python' with '$PYTHON_COMMAND_INVOKER' in setup.sh
  • [RANGER-2547] - Good coding practices: minimize use of static/unnecessary class members
  • [RANGER-2548] - Ranger-admin updates to ensure owner information in GrantRevokeData is correctly consumed
  • [RANGER-2552] - Adding a user to a group is resetting the role/permissions of the user
  • [RANGER-2553] - Hive RangerServiceDef isValidLeaf attribute values should not be copied to DataMaskDef and RowFilterDef
  • [RANGER-2554] - Log out message for Ranger needs to be more informative on Knox enabled cluster
  • [RANGER-2556] - RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information
  • [RANGER-2559] - Update Atlas Authorizer with forwardedAddresses and Remote IP to handle request from proxy..
  • [RANGER-2560] - Solve the problem of the order of the configuration items of the Solr plugin
  • [RANGER-2564] - Avoid recursive audit log in Solr Plugin by user "solr" when plugin is enabled for ranger_audits collection
  • [RANGER-2565] - Remove duplicate error messages when test connection fails
  • [RANGER-2567] - Ranger fails to connect wired Solr
  • [RANGER-2568] - Ranger Hive policy creation page in Ranger Admin UI shows resources as Database,None instead of Database,Table,Column
  • [RANGER-2569] - Policy with isDenyAllElse=true denies request to check if any access is allowed
  • [RANGER-2573] - Ranger hbase policy not taking effect if column-family name is given in policy
  • [RANGER-2574] - Ranger Import of fails if policy type is not passed
  • [RANGER-2577] - Missing one dependency jar file during packaging for Ranger Ozone plugin.
  • [RANGER-2580] - RangerPolicy.getServiceType API should return name of the service-type
  • [RANGER-2581] - Ranger solr plugin fails to connect to SSL enabled Ranger
  • [RANGER-2582] - Policy history details popup not getting populated properly.
  • [RANGER-2583] - Upgrade jackson-databind
  • [RANGER-2585] - Ranger audits for hive role commands show user as "hive" instead of the effective user
  • [RANGER-2586] - Ranger KMS start fails with NoClassDefFoundError
  • [RANGER-2597] - Allow auditor role user to get details of services and policies from public API
  • [RANGER-2600] - Ranger Login Sessions audits always show "Login Type" as "Username/Password" even for kerberos login
  • [RANGER-2602] - Import is failing with "Can not construct instance of java.util.Date from String" error
  • [RANGER-2603] - Delegate Admin processing incorrectly giving policy access to user - due to owner
  • [RANGER-2605] - Update maven version to 3.6.2
  • [RANGER-2606] - Maven central deployment publishing only the top level ranger artifact
  • [RANGER-2610] - NPE in PolicyRefresher if service-policies in policy-cache contain only service definition
  • [RANGER-2612] - Last updated time of tag based policies under "Plugin Status" tab are not getting updated
  • [RANGER-2613] - Public API for listing roles needs to return a Java list of RangerRole objects
  • [RANGER-2614] - Unable to create service
  • [RANGER-2615] - Unable to create Role
  • [RANGER-2616] - Add reencryptEncryptedKey, batch reencryption interface to KMS and improve logs
  • [RANGER-2617] - Provide descriptive error message when role delete not allowed
  • [RANGER-2618] - Restrict rolename change when a policy/another role with that role exist
  • [RANGER-2619] - Admin Audit Details not displayed for edit role
  • [RANGER-2620] - Create empty Role cache file when no roles are present in ranger yet.
  • [RANGER-2622] - Ranger UI side code improvement.
  • [RANGER-2623] - Add Validations to RoleREST apis
  • [RANGER-2624] - Issue downloading Ranger Roles in non-kerberized cluster
  • [RANGER-2626] - Block unauthenticated access to Ranger REST endpoints in kerberized environment
  • [RANGER-2630] - Ensure that entity deletes are handled even when Atlas sets deleted entity's state as not ACTIVE
  • [RANGER-2631] - Ranger Audit logs for SHOW commands related to ROLE operations in Hive
  • [RANGER-2633] - RangerYarnAuthorizer should get the remoteIPaddress from the accessRequest from YARN
  • [RANGER-2635] - Backport hadoop-kms changes in ranger-kms
  • [RANGER-2637] - RangerTags loading issue when Ranger admin service is not available.
  • [RANGER-2638] - Ranger admin Logging improvement
  • [RANGER-2641] - Upgrade scenario fails in MYSQL DB
  • [RANGER-2642] - Grant/Revoke REST invocations by non-service users should not specify resource owner
  • [RANGER-2644] - Improvement in Ranger encryption algorithm usage.
  • [RANGER-2647] - Show display name instead of name in UI
  • [RANGER-2648] - Provide policy list page url with service name
  • [RANGER-2649] - Unix user doesn't get 'Admin' role when set through assignment rules
  • [RANGER-2650] - Public group should not be given access to all kafka resources in default ranger policies
  • [RANGER-2655] - Ranger UI improvement
  • [RANGER-2656] - RangerHiveAuthorizer filterListCmdObjects failed to filter database / tables when HMS calls the authorizer for filtering
  • [RANGER-2659] - Zone-based policies are not listed for USER_ROLE with delegate admin privilege
  • [RANGER-2660] - Option to create missing users/groups/roles while creating/updating/importing policies
  • [RANGER-2661] - NullPointerException on RangerRolesProvider.loadUserGroupRoles
  • [RANGER-2665] - Policy engine for delegate-admin processing is not built correctly when policy-deltas are enabled and a zone policy is updated
  • [RANGER-2667] - Running the disable-presto-plugin.sh script will always get stuck
  • [RANGER-2671] - Running the setup.sh in usersync a second time will change the permissions and owner of hadoop core-site.xml
  • [RANGER-2675] - Add Logs if keystore is not initialised during Ranger start
  • [RANGER-2677] - Fix corner case of Ranger Audit login going into race condition
  • [RANGER-2678] - RangerUgSyncRESTClient sets password as username for basic auth
  • [RANGER-2679] - upgrade spring framework version to 4.3.23 to be compatible with current spring security version(4.2.13)
  • [RANGER-2680] - Ranger Usersync and Tagsync is not updating session cookie until restart
  • [RANGER-2685] - set_globals.sh will throw an exception "cp ews/logs/* failed"
  • [RANGER-2687] - NoClassDefFoundError when Ranger Knox plugin is enabled
  • [RANGER-2688] - Make cookie name configurable
  • [RANGER-2690] - Default service display name is not getting set for Tag service
  • [RANGER-2691] - Upgrade with MsSQL fails because of invalid syntax
  • [RANGER-2692] - RangerKafkaAuthorizer support for ConsumerGroup resource for authorization
  • [RANGER-2694] - TagSync fails to start due to NoClassDefFoundError
  • [RANGER-2696] - Fix unit test failure in TestPolicyEngine.testValiditySchedulerApplicable
  • [RANGER-2698] - Fix Ranger Unit Test failing in Ranger hive Plugin
  • [RANGER-2702] - Upgrade Kafka Version in Ranger to 2.4
  • [RANGER-2703] - Grant operation succeeds even though there is no delegate admin permission
  • [RANGER-2705] - Group sync does does not parse DNs properly
  • [RANGER-2707] - ranger.usersync.enabled not respected on initial ugsync startup
  • [RANGER-2708] - Ranger public group check uses wrong comparison for equality
  • [RANGER-2714] - Fix Failing Kylin test cases
  • [RANGER-2715] - "Service display Name" attribute on all tabs in Ranger(UI)
  • [RANGER-2717] - Edit repo/service fails(Knox proxy)
  • [RANGER-2718] - Utility to update user and group names in stored policy json
  • [RANGER-2719] - Fix Ranger Atlas Plugin packaging issue
  • [RANGER-2720] - Search filter not work properly.
  • [RANGER-2722] - policies/hive/for-resource api call is returning deleted policies
  • [RANGER-2729] - RANGER-2660 should creates external users rather internal
  • [RANGER-2730] - Missing JAVA Patch record in the ranger admin x_db_version_h table
  • [RANGER-2731] - BaseDao.batchCreate uses the wrong property
  • [RANGER-2735] - Update Atlas serviceDef for upgrade case of RANGER-2734
  • [RANGER-2743] - Upgrade Tomcat Version to 7.0.100
  • [RANGER-2747] - Ranger integration with presto works on "Release 317" but fails on versions later
  • [RANGER-2749] - Ranger depends on commons-lang but doesn't specify it in it's pom
  • [RANGER-2750] - Permission "alter" has to be there for TOPIC and CLUSTER resource in RangerKafkaPlugin ServiceDef
  • [RANGER-2752] - Upgrade from 0.7.0 to master fails due to schema issue
  • [RANGER-2755] - Update Atlas service-def and plugin for changes in ATLAS-3653
  • [RANGER-2756] - A spelling mistake in RangerHiveAuthorizer
  • [RANGER-2757] - Ranger Knox SSO logout issue
  • [RANGER-2761] - Policy evaluators are not correctly updated when using policy deltas for downloads to plugins
  • [RANGER-2762] - Logout issue when knox-trusted proxy is enabled
  • [RANGER-2763] - Hive SET Role command in Ranger hive plugin
  • [RANGER-2764] - Role API : Duplicate key value violates unique constraint "x_ranger_global_state_uk_state_name"
  • [RANGER-2765] - Correct permissions are not getting loaded for entity-label in Atlas service
  • [RANGER-2773] - Enhanced logging messages for RangerScriptConditionEvaluator class
  • [RANGER-2775] - Pagination not working for role in Ranger admin UI page
  • [RANGER-2776] - Unable to access service through knox, facing NPE when authorization is set to Ranger
  • [RANGER-2777] - Ranger Knox Plugin failed to download Roles
  • [RANGER-2781] - default policy creation fails for policy-items with no users
  • [RANGER-2785] - Ranger Ozone plugin does not include configuration jars
  • [RANGER-2786] - Ranger usersync group modifyTimestamp parsing should be in 24 hours format
  • [RANGER-2788] - Fix schema-registry servicedef with correct values of id and itemIds.
  • [RANGER-2789] - GET API service/xusers/users turns very slow when there are more than 1000 users
  • [RANGER-2790] - Import start and import end are not in sequence
  • [RANGER-2793] - Admin log clogged with a warning
  • [RANGER-2794] - Search is not working in Role page
  • [RANGER-2795] - Update Presto serviceDef for upgrade case of RANGER-2754
  • [RANGER-2797] - changing error to debug as it does not make impact on transactions
  • [RANGER-2800] - Ranger DB upgrade script for version name change in x_ranger_global_state table
  • [RANGER-2801] - Update apache thrift version in ranger
  • [RANGER-2802] - Java patch J10034 may fail in upgrade case
  • [RANGER-2803] - Modify db_setup.py script to handle pre-created user's tablespace for Oracle
  • [RANGER-2804] - Ranger Ozone plugin unable to write to solr audits in SSL enabled cluster
  • [RANGER-2805] - Create role with non-existing group/user failing due to concurrent threads
  • [RANGER-2806] - RangerScriptConditionEvaluator does not initialize correctly with openJDK 11
  • [RANGER-2807] - Change audit format for access logs
  • [RANGER-2809] - Solr plugin fails to download policies with authentication error in a secure cluster
  • [RANGER-2812] - Upgrade Nimbus-Jose-JWT and netty versions
  • [RANGER-2813] - [HBase]Not able to pull execute permission given to user from getUserPermissions API in HBase Ranger Coprocessor
  • [RANGER-2814] - RangerServiceResource signature should not include service-specific information
  • [RANGER-2815] - Ranger HDFSAuditDestination flush call should be privileged one
  • [RANGER-2817] - Service configuration update does not cause policies in the service to get downloaded to plugin
  • [RANGER-2818] - [Ozone Ranger Plugin] Init Failed due to CNF JacksonJsonProvider
  • [RANGER-2821] - Update ranger authorizer for Atlas to add admin-purge
  • [RANGER-2822] - Best practices: Refactor embeddedserver code and remove redundant code
  • [RANGER-2823] - RangerResouceTrie.copySubTree() does not set up TrieNode's child nodes correctly
  • [RANGER-2824] - Allow from an override policy having deny-items is ignored
  • [RANGER-2828] - RangerExportPolicy with resource filter fails to fetch policies
  • [RANGER-2831] - presto-server-333 start failed due to NoClassDefFoundError
  • [RANGER-2833] - Enforcing Strict transport security
  • [RANGER-2836] - Make Elasticsearch port and protocol properties configurable
  • [RANGER-2838] - Kafka Testcase failing the build with NoClassDefFoundError
  • [RANGER-2839] - Assorted improvements for debugging and handling of thread terminations, clean-up of unused data, etc.
  • [RANGER-2840] - Create policy with non existing group is failing due to to multiple threads creating same group
  • [RANGER-2841] - Refactor userstore enricher in order to support userstore download without service information
  • [RANGER-2844] - presto-server-333 can not show schemas/tables after integrated with Ranger master branch
  • [RANGER-2853] - "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
  • [RANGER-2855] - import policy for ranger is not working properly if updateifexist parameter is passed
  • [RANGER-2856] - A policy should be deleted if it has no policyItems
  • [RANGER-2858] - 'show databases' gives permission denied error, even though the user has permissions on a few of the databases in security zone policies
  • [RANGER-2864] - Group creation is failing during import policy
  • [RANGER-2869] - Ranger audit module to provide an option to generate a GUID for each audit log
  • [RANGER-2872] - The Ranger authentication group permission of the ES does not take effect.
  • [RANGER-2874] - Tag policies not getting enforced for ADLS path
  • [RANGER-2875] - Security zone policy not getting enforced correctly for some servicedef
  • [RANGER-2876] - allow-exception policy-items are not correctly handled when access-type is '_any'
  • [RANGER-2877] - ElasticSearch-Plugin throws NullPointException when the type of request is 'PutMappingRequest'
  • [RANGER-2881] - Delegate Admin user having role "user" able to create policy which has non-existing users/groups
  • [RANGER-2885] - Add missing PermType Java codes for new versions of Kafka
  • [RANGER-2886] - Exporting tag policies fails when 'polResource' query parameter is used
  • [RANGER-2893] - show grant on database xxx will fail in ranger hive plugin
  • [RANGER-2903] - Remove elasticsearch audit's is_enabled property from config
  • [RANGER-2905] - Failed to log Audit event in Elasticsearch
  • [RANGER-2911] - ES plugin missing implemention for some ES request
  • [RANGER-2912] - ranger and plugins will throw GSSAPI error when write audit log to ElasticSearch when cluster running on none security mode
  • [RANGER-2913] - Import policy fails when policy with same name present in multiple service
  • [RANGER-2914] - Invalid obj name in DB script for MS-SQL
  • [RANGER-2915] - Support tag based policies for Ozone resources in Ranger
  • [RANGER-2917] - Avoid recursive audit log in ES Plugin by user elasticsearch when plugin is enabled for ranger_audits index
  • [RANGER-2918] - Ranger Audit for HBase does not capture predicates
  • [RANGER-2919] - Source policies gets deleted after importing policy with deleteifexists parameter
  • [RANGER-2921] - Regression: When all resource and tag(if applicable) policies are deleted then plugin continues to use old set of policies
  • [RANGER-2922] - Query info not included for solr query audits in Ranger
  • [RANGER-2930] - Change atlas version to 2.1.0 for Ranger 2.1.0 release
  • [RANGER-2931] - Fix PMD Error of RANGER-2922
  • [RANGER-2938] - [Ranger Audits] Zone Name field is not populated in case of Deny Operations via Security Zones
  • [RANGER-2944] - Presto plugin lookupResource throws NPE if not set service password
  • [RANGER-2945] - Need to check if RANGER_LOGIN_PASSWORD exists in HadoopConfigHolder
  • [RANGER-2947] - [Ranger][Policy Import] Usage of serviceType config while importing ranger policy for any service
  • [RANGER-2958] - Unable to run build using docker script - build_ranger_using_docker.sh
  • [RANGER-2968] - HDFS plugin package - missing library
  • [RANGER-2978] - Ranger upgrade fails due to missing DB function.
  • [RANGER-2979] - Test failure due to NPE
  • No labels