How to disable Ranger Admin Audit logs from Database - apache-ranger

We are using Apache Ranger 2.1.0. Is there a way to disable the Ranger Admin Audit logs from the Database via configuration?

Related

Keyadmin credentials not working on Ranger Admin to log onto Ranger KMS

I am trying to install vanilla versions of Ranger KMS along with Ranger Admin (which I had previously installed). Ranger KMS compiled tar was unzipped, modified the Install.properties file to modify certain values. Was able to start the KMS service as well.
But When I tried to login into Ranger Admin using "keyadmin" which seems like default credentials for the Ranger KMS, it says username or password is invalid.
I can see that in HDP cluster, there is ranger-kms-properties which contains REPOSITORY_CONFIG_USERNAME which points to keyadmin.
Here in compiled version of binary, I dont see any such property or file where I can define. How does Ranger Admin recognize that the Ranger KMS is installed and plugin is enabled?
I populated the Install.properties file with the respective values but looks like I might be missing many of those properties.
I have created rangerkms/_host#REALM.COM principal and corresponding keytab and placed it on Ranger KMS server / Ranger Admin server.( both are same in my case)
KMS service seems to have started fine but I could see that the respository that I intended to use, is not created and hence i could see some errors related to that. I am unable to login into Ranger Admin using keyadmin user and password
And I dont see the KMS service enabled on the ranger admin UI where I could create this service.

How to login to jenkins when LDAP server is not available?

I did setup jenkins with LDAP and i'm able to login. But when i stop the LDAP server I'm unable to login to jenkins using jenkin's local user account. Also always editing the config.xml is not a good idea to change security settings. Please help me.
What Ive done in a previous role - is a copy of Jenkins config that allows admin & a selection of other users access when LDAP is down.
When LDAP is down , I switch manually
mv config.xml config.ldap.xml
mv config.internal.xml config.xml
Restart Jenkins ( https://stackoverflow.com/a/8077830/1935094 )
The config.internal.xml was setup before I configured LDAP. You could also backup your config.xml , configure Jenkins for internal user access , copy that off and copy back in your LDAP configured config.xml.
Anyway - the idea is that you can still get in , run jobs etc until LDAP is back.
Ive had thoughts about automating it , if LDAP is detected as down ( you could run a lookup periodically , then switch if need be...
As of now, local user login is not possible when LDAP enabled. Jenkins internal user database is automatically disabled when you activate LDAP authentication.
Few Jenkins JIRA to get more details on this.
JENKINS-3404
JENKINS-29162
There is no other way except editing ~.jenkins/config.xml.
Better option is to migrate(LDAP user) to Jenkins own user database.
FOR FUTURE:
- Add a secondary LDAP server on Jenkins host.
- Remember to check "Ignore if unavailable" on the first LDAP.
More info

How to configure Apache Ranger UI admin username and password?

I am doing the command-line installation of Apache Ranger i.e. without Ambari.
I have to configure Ranger UI username and password other than the defaults (i.e. admin/admin). Does anyone know which configuration file and what properties need to be set to do that?

sonarqube displays all projects on Home page with out login

I am using sonar community edition version 7.0. After sonnar-scanner -X in root Project when i navigate to the sonarqube link https:xxx.xx.xx.xxx:9000 i can see the projects are being displaced in home page with out login and any one can see that sonar report.
I have unchecked All the options for Anyone. I am using a new user and added to administrator group using that user in sonar properties file.
any solutions would be greatly appreciated.
From this website of the docs:
To force user authentication, log in as a system administrator, go
to Administration > Configuration > General Settings > Security, and
set the Force user authentication property to true.
 And then there is more info about the different authentification mecanisms:
SonarQube built-in users/groups database.
external identity providers such as an LDAP server.
HTTP Headers (property sonar.web.sso.enable in sonar.properties).
And also about the users and about the default admin credentials:
Login: admin
Password: admin

Role based authorization in Jenkins

I am running jenkins by extracting the jenkins.war file.I have installed role based authorization strategy plugin for jenkins security.I have created a admin who has full access to jenkins.And I have created users who have access to only their projects.But when I close the command prompt and run jenkins.war again and login as admin I find admin does not having any privilages and the users i have created does not have any access to the privilages.What might be the problem.Is there something I am doing wrong.Please help

Resources