Skip to content

Commit

Permalink
Restore permissions needed by hdfs and crossdc
Browse files Browse the repository at this point in the history
  • Loading branch information
@epugh
epugh committed Nov 24, 2024
1 parent 716ee09 commit 5425d73
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 1 deletion.
14 changes: 13 additions & 1 deletion gradle/testing/randomization/policies/solr-tests.policy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,19 @@ grant {
permission javax.management.MBeanServerPermission "findMBeanServer";
permission javax.management.MBeanServerPermission "releaseMBeanServer";
permission javax.management.MBeanTrustPermission "register";


// needed by hadoop hdfs
permission javax.security.auth.AuthPermission "getSubject";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "modifyPublicCredentials";
permission javax.security.auth.PrivateCredentialPermission "org.apache.hadoop.security.Credentials * \"*\"", "read";

// needed by crossdc
permission javax.security.auth.AuthPermission "getLoginConfiguration";
permission javax.security.auth.AuthPermission "setLoginConfiguration";

// needed by hadoop security
permission java.security.SecurityPermission "putProviderProperty.SaslPlainServer";
permission java.security.SecurityPermission "insertProvider";
Expand Down
12 changes: 12 additions & 0 deletions solr/server/etc/security.policy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,18 @@ grant {
permission javax.management.MBeanServerPermission "releaseMBeanServer";
permission javax.management.MBeanTrustPermission "register";

// needed by hadoop hdfs
permission javax.security.auth.AuthPermission "getSubject";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "modifyPublicCredentials";
permission javax.security.auth.PrivateCredentialPermission "org.apache.hadoop.security.Credentials * \"*\"", "read";

// needed by crossdc
permission javax.security.auth.AuthPermission "getLoginConfiguration";
permission javax.security.auth.AuthPermission "setLoginConfiguration";

// needed by hadoop security
permission java.security.SecurityPermission "putProviderProperty.SaslPlainServer";
permission java.security.SecurityPermission "insertProvider";
Expand Down

0 comments on commit 5425d73

Please sign in to comment.