Sub-task

  • [RANGER-7] - knox configwacher need not initialize credentialstore when it is talking to non ssl policy store
  • [RANGER-23] - Add unit tests for knox agent pdp logic URLBasedAuthDB

Bug

  • [RANGER-1] - Initial code import
  • [RANGER-2] - Add Eclipse project setup files and additional libs/js files
  • [RANGER-6] - add ability to make user/group name as lower/upper case when importing from LDAP/AD
  • [RANGER-9] - Add Support for STORM access control from Argus
  • [RANGER-10] - Knox Policy Creation page should indicate ServiceName is mandatory
  • [RANGER-11] - Agent Installation script fails to create credential store
  • [RANGER-12] - Knox Audit Event times are not shown correctly
  • [RANGER-13] - Incorrect version number on pom.xml - should match with Apache Release version - 0.1.0
  • [RANGER-14] - repository type is not correctly reported for knox policy operations
  • [RANGER-15] - HBase Coprocessor is not working with HBase 0.98 version
  • [RANGER-16] - knox agent installer should store passwords encrypted in credential store
  • [RANGER-17] - Grant/revoke to update policies in Argus
  • [RANGER-18] - knox default policy should grant allow, admin to repo creator
  • [RANGER-19] - Users imported from external system does not see all menu options ...
  • [RANGER-21] - Argus Admin Web failing to connect to Hive2 server
  • [RANGER-22] - Remove local library dependency
  • [RANGER-24] - Ignore case while comparing request IP and policy IP during policy evaluation
  • [RANGER-25] - Unable to save policy with auditing turned off
  • [RANGER-27] - usersync installation fails when using complex user search filter
  • [RANGER-28] - Test Connection failure for HBase Repository - XA Admin (UI)
  • [RANGER-29] - Unable to enter kerberized username during the repository creation
  • [RANGER-30] - "Repository Type" Drop down list should not include "Agent"
  • [RANGER-31] - Show Policy Name in the Audit Admin tab
  • [RANGER-32] - Admin UI does not reflect policy updates in the backend
  • [RANGER-33] - Hive agent installation should support newly introduced hiveserver2-site.xml
  • [RANGER-35] - Audit logs for Knox and Storm not asynchronous
  • [RANGER-36] - Perform Table Autocomplete only when user starts entering characters
  • [RANGER-37] - Delegated admin user should NOT be allowed to modify base policy
  • [RANGER-38] - Error in server log during Knox policy creation
  • [RANGER-39] - HBase agent system tables list should include hbase:meta
  • [RANGER-40] - User denied table access after access is granted via GRANT
  • [RANGER-41] - Replace XASecure copyright with Apache License Header in source code
  • [RANGER-42] - Cache file is getting generated with snapshot of last policy state, even after deleting cache file and bringing policy mgr down
  • [RANGER-43] - Grant API call throws NullPointerException
  • [RANGER-44] - Patch to handle policies which has policyname as blank (as per old db schema)
  • [RANGER-45] - Create a db update script to remove trailing / from resource path
  • [RANGER-46] - Encrypt the plain text password for lookup
  • [RANGER-47] - Patch to encrypt plain text passwords from previous deployments
  • [RANGER-48] - Remove Hortonworks reference from UI
  • [RANGER-49] - add apache copyright to java, js files missing copyright
  • [RANGER-50] - Hive authorizer should allow show/desc commands only if user has SELECT privilege
  • [RANGER-51] - Remove duplicate library bundling during build of knox agent
  • [RANGER-53] - Remove testConfig from REST API
  • [RANGER-54] - Delete Repository API is not working as expected
  • [RANGER-55] - Installation process displays password on plain-text on the screen
  • [RANGER-56] - Async audit: events are not flushed to DB until batch-size number of events are logged
  • [RANGER-57] - Public REST API: Search functionality not working for Repository and Policy
  • [RANGER-58] - Grant/Revoke REST API calls fail even when XA Policy allows 'Admin' access to 'public' group
  • [RANGER-59] - Change Audit log format to JSON instead of of String Object for log4j audit generation
  • [RANGER-60] - Credential file creation during hbase and hive agent installation has to have permission for all the user to read to avoid hbase and hive client users failing to use it for audit log.
  • [RANGER-61] - "Select Role" field is blank (Firefox issue)
  • [RANGER-62] - Handle Special characters in passwords (in install.properties)
  • [RANGER-63] - Change the default public REST API response to JSON
  • [RANGER-64] - Cache file is getting generated with snapshot of last policy state, even after deleting cache file and bringing policy mgr down
  • [RANGER-65] - add xml prolog to xml files missing the prolog
  • [RANGER-66] - Set autocomplete off for fields that contains sensitive data
  • [RANGER-67] - Create/Update Knox Policy fails to save ipAddress passed
  • [RANGER-70] - typo in knox agent install script
  • [RANGER-72] - Agents receive 304 (Not Modified) though the server has updated policies
  • [RANGER-74] - Delegated admin can access all the policies through URL
  • [RANGER-75] - Getting PatternSyntaxException on Windows while creating HDFS policy
  • [RANGER-76] - Wrong duplicate message on policy name
  • [RANGER-77] - Use POST method in login.jsp
  • [RANGER-78] - knox agent installation fails reporting class not found: ParseException
  • [RANGER-79] - NullPointerException during lookup of Hive policy
  • [RANGER-80] - Add ability to search policies by status
  • [RANGER-83] - Audit logs to HDFS: use /var/log/<component> as the default directory for staging audit logs
  • [RANGER-84] - HDFS audit logs show leading "/" in IP Address
  • [RANGER-85] - Avoid duplicate policy creation
  • [RANGER-86] - Update hive-plugin for Hive changes to support UPDATE and DELETE operations
  • [RANGER-87] - Installation properties should not have derived fields such as audit url, driver
  • [RANGER-88] - TestConnection check in Argus Admin portal fails in Kerberos environment hdfs, hive and hbase repository
  • [RANGER-90] - test hive connection fails in secure cluster - password passed is not correct
  • [RANGER-91] - Audit to HDFS: Additional columns in Audit log
  • [RANGER-93] - Windows support in Credential Provider
  • [RANGER-94] - Argus plugin installation does not remove the default AccessController co-processor (in secured cluster)
  • [RANGER-97] - Error handling in audit framework needs update
  • [RANGER-100] - Change the Log level for the Argus Policy Cache File creation failure to "Warn" so the Hive Cli doesn't show it as "Error"
  • [RANGER-101] - Audit to HDFS: use Log4J instead of LogLog for debug tracing
  • [RANGER-102] - Add JUnit Test cases
  • [RANGER-103] - Policy already exists error when saving Hive policy
  • [RANGER-104] - Argus UserSync : Externalize Log file path to support Windows
  • [RANGER-105] - Define only required parameters in HBase Repository
  • [RANGER-107] - Hbase table lookup spinner does not stop
  • [RANGER-108] - database type specified in the install.properties should be case insensitive and should handle invalid entries appropriately
  • [RANGER-109] - Update Apache License displayed in Argus Admin UI
  • [RANGER-110] - User source getting changed
  • [RANGER-111] - Disable "[EL Info]" debug trace messages from EclipseLink
  • [RANGER-112] - Disable EclipseLink logs in policy admin
  • [RANGER-113] - Change service name from uxugsync to argus-usersync
  • [RANGER-114] - Argus Hive authorization to support HiveServe2 only (and not HiveCLI)
  • [RANGER-115] - html style apache license handlebar template html files breaks security-admin ui
  • [RANGER-116] - Modify DB permissions for xalogger/xaadmin user accounts
  • [RANGER-117] - Argus Knox Agent Install.properties has development defaults for the parameters which should removed
  • [RANGER-118] - Audit-Agents Tab default sort should be in reverse chronological order
  • [RANGER-119] - Argus policy admin installation failure in SUSE Linux
  • [RANGER-120] - argus ldap usersync can not import over 1000 users
  • [RANGER-121] - Removal of unnecssary lib files from repo. in preparation for release
  • [RANGER-122] - HBase Plug-in: drop/disable table operations require more permissions than HBase default permission requirements
  • [RANGER-123] - Update policy REST API call not updating permissions properly for Storm policy
  • [RANGER-124] - Change colors in user listing
  • [RANGER-125] - Remove Error Message when XaAgent inject fails with Gets 'ERROR: XASecure Agent is not located' while running HDFS commands'
  • [RANGER-126] - Change Argus name to Ranger in policy admin UI
  • [RANGER-127] - HBase resource lookup fails to return table and column family
  • [RANGER-128] - Topology lookup does not return topologies during storm policy creation
  • [RANGER-129] - Storm authorizer is writing debug messages in info level
  • [RANGER-130] - LDAP authentication fails when user does not have search privileges
  • [RANGER-131] - remove all .classpath and .project versioned files
  • [RANGER-133] - Performance improvement: Remove repeated calls to getTimeZone made during creation of audit event
  • [RANGER-134] - Audit logging performance and diagnosibility improvements
  • [RANGER-136] - Hive Authorizer: update configuration whitelist
  • [RANGER-137] - Rename Apache Argus to Apache Ranger for installation scripts
  • [RANGER-138] - usersync installer is ignoring MIN_UNIX_USER_ID_TO_SYNC
  • [RANGER-139] - ranger***-hbase-plugin tar is not bundling ranger-plugins-installer**.jar
  • [RANGER-142] - No audit info shown for user role changes
  • [RANGER-143] - Update HBase plug-in to authorize bulk-load operations
  • [RANGER-146] - Remove unused/referenced files
  • [RANGER-147] - Update default values for audit configuration - from argus to ranger
  • [RANGER-148] - Ranger Hive Plugin to update conf.server for Hive to support Ambari Installation
  • [RANGER-151] - Ranger Admin uses absolute path to the webapp
  • [RANGER-152] - service ranger-admin start fails with No such file or directory
  • [RANGER-153] - service ranger-usersync start fails with No such file or directory
  • [RANGER-154] - Review audit logging failure handling to reduce impact on application logs
  • [RANGER-155] - Refactor version number of jars for running unit tests into the parent pom
  • [RANGER-156] - License & Notice file needs to be updated with actual license text
  • [RANGER-158] - SSL service should not accept SSLv3 protocol (due to CVE-2014-3566)
  • [RANGER-159] - HiveServer2 JDBC driver in http mode is not using pre-authenticated subject credentials.
  • [RANGER-161] - Ranger installer scripts should refer to java command using JAVA_HOME
  • [RANGER-163] - Update install defaults for Audit configuration
  • [RANGER-164] - When HiveServer2 is restarted, Ranger Hive repository Lookup for database, tables and column fails
  • [RANGER-165] - Remove the security-admin/src/main/webapp/images/hortonworks*.png files
  • [RANGER-166] - License needed for security-admin/src/main/webapp/META-INF/contextXML/*
  • [RANGER-169] - Ranger Admin Hadoop repository test connection and lookup fails in Secure mode
  • [RANGER-170] - Unit Test is being ignored on some of the platform
  • [RANGER-171] - Remove dependent jar files from repo. and refer it using maven
  • [RANGER-172] - Infinispan config file needs Apache license
  • [RANGER-175] - Remove hardcoded certificates and keystores from the repo
  • [RANGER-176] - Fix Release related Issues (see description)
  • [RANGER-180] - Ranger lookup for hadoop repository fails when wire encryption is on
  • [RANGER-182] - Date format for Audit log is incorrect.
  • [RANGER-183] - Search policies public API call failing in Oracle DB
  • [RANGER-191] - Credential Provider and Policy Cache Store Unit Test Case coverage
  • [RANGER-201] - Update UserSync to optimize the REST calls made to sync users and group
  • [RANGER-303] - Consolidate DB Schema

Improvement

  • [RANGER-3] - Enhance the Hive Authorization Agent to enforce policies
  • [RANGER-4] - Add Support for KNOX access control from Argus
  • [RANGER-8] - Need document to build src and deploy.
  • [RANGER-20] - Add audit log display to show additional details (user-profile updates/ip-addresss rule changes)
  • [RANGER-26] - XA - Expose APIs in policy manager
  • [RANGER-52] - Policy UI enhancements
  • [RANGER-68] - URL dead
  • [RANGER-69] - Support Oracle database for storing policy and audit information
  • [RANGER-71] - Make Argus Admin Tool to look for configuration in CLASSPATH
  • [RANGER-73] - Support different component installation directory
  • [RANGER-89] - ARGUS UI main screen enhancements
  • [RANGER-92] - Test Connection failure should give more information
  • [RANGER-144] - Leverage Directory Computed Attribute for User Group Discovery
  • [RANGER-157] - defensively handle potential connection leaks in LdapUserGroupBuilder
  • [RANGER-162] - Code Cleanup to add/modify license headers and unwanted comments

New Feature

  • [RANGER-5] - Ability to write audit log in HDFS
  • [RANGER-135] - Build Web Site for Argus/Ranger

Task

  • [RANGER-34] - change knox topology discovery logic in the light of kNOX-349
  • [RANGER-81] - add apache rat plugin to top level pom
  • [RANGER-106] - add apache copyright to shell scripts, xml files, properties files, html files missing copyrihgt
  • [RANGER-132] - verify apache license compliance im mvn verify
  • No labels