From ac0b2932bc9ee244cf06245b6de01d97de613d74 Mon Sep 17 00:00:00 2001
From: "Doroszlai, Attila" <adoroszlai@apache.org>
Date: Wed, 27 Nov 2024 21:01:13 +0100
Subject: [PATCH] HDDS-11810. Secure acceptance test on arm64 fails with
 LoginException: Checksum failed

---
 .../dev-support/bin/dist-layout-stitching     |   3 +-
 .../dist/src/main/compose/common/init-kdc.sh  |  86 +++++++++++++++
 .../ozonesecure-ha/docker-compose.yaml        |   2 +-
 .../ozonesecure-mr/docker-compose.yaml        |   2 +-
 .../compose/ozonesecure/docker-compose.yaml   |   2 +-
 .../upgrade/compose/ha/docker-compose.yaml    |   2 +-
 .../src/main/compose/xcompat/new-cluster.yaml |   2 +-
 .../src/main/compose/xcompat/old-cluster.yaml |   2 +-
 .../dist/src/main/keytabs/HTTP.keytab         | Bin 580 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/dn.keytab  | Bin 576 -> 0 bytes
 .../dist/src/main/keytabs/hadoop.keytab       | Bin 146 -> 0 bytes
 .../dist/src/main/keytabs/httpfs.keytab       | Bin 616 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/jhs.keytab | Bin 142 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/nm.keytab  | Bin 138 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/om.keytab  | Bin 576 -> 0 bytes
 .../dist/src/main/keytabs/recon.keytab        | Bin 606 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/rm.keytab  | Bin 138 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/s3g.keytab | Bin 586 -> 0 bytes
 hadoop-ozone/dist/src/main/keytabs/scm.keytab | Bin 586 -> 0 bytes
 .../dist/src/main/keytabs/testuser.keytab     | Bin 908 -> 0 bytes
 .../dist/src/main/keytabs/testuser2.keytab    | Bin 920 -> 0 bytes
 .../dist/src/main/keytabs/update-keytabs.sh   |  98 ------------------
 22 files changed, 93 insertions(+), 106 deletions(-)
 create mode 100755 hadoop-ozone/dist/src/main/compose/common/init-kdc.sh
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/HTTP.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/dn.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/hadoop.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/httpfs.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/jhs.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/nm.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/om.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/recon.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/rm.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/s3g.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/scm.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/testuser.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/testuser2.keytab
 delete mode 100755 hadoop-ozone/dist/src/main/keytabs/update-keytabs.sh

diff --git a/hadoop-ozone/dist/dev-support/bin/dist-layout-stitching b/hadoop-ozone/dist/dev-support/bin/dist-layout-stitching
index 821f534c4a53..a902eab5a97c 100755
--- a/hadoop-ozone/dist/dev-support/bin/dist-layout-stitching
+++ b/hadoop-ozone/dist/dev-support/bin/dist-layout-stitching
@@ -128,8 +128,7 @@ run cp -p -r "${ROOT}/hadoop-ozone/dist/src/main/smoketest" .
 run cp -p -r "${ROOT}/hadoop-ozone/dist/target/k8s" kubernetes
 run cp -p -r "${ROOT}/hadoop-ozone/dist/target/Dockerfile" .
 
-#Copy pre-generated keytabs
-run cp -p -R "${ROOT}/hadoop-ozone/dist/src/main/keytabs" compose/_keytabs
+run mkdir compose/_keytabs
 
 for file in $(find "${ROOT}" -path '*/target/classes/*.classpath' | sort); do
   # We need to add the artifact manually as it's not part the generated classpath desciptor
diff --git a/hadoop-ozone/dist/src/main/compose/common/init-kdc.sh b/hadoop-ozone/dist/src/main/compose/common/init-kdc.sh
new file mode 100755
index 000000000000..d5f7fd6d778e
--- /dev/null
+++ b/hadoop-ozone/dist/src/main/compose/common/init-kdc.sh
@@ -0,0 +1,86 @@
+#!/usr/bin/env bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eux -o pipefail
+
+# This script exports keytabs and starts KDC server.
+
+export_keytab() {
+   kadmin.local -q "ktadd -norandkey -k /etc/security/keytabs/$2.keytab $1@EXAMPLE.COM"
+}
+
+rm -f /etc/security/keytabs/*.keytab
+
+export_keytab scm/scm scm
+export_keytab HTTP/scm scm
+export_keytab testuser/scm scm
+export_keytab testuser2/scm scm
+
+export_keytab testuser/dn testuser
+export_keytab testuser/httpfs testuser
+export_keytab testuser/om testuser
+export_keytab testuser/recon testuser
+export_keytab testuser/s3g testuser
+export_keytab testuser/scm testuser
+
+export_keytab testuser2/dn testuser2
+export_keytab testuser2/httpfs testuser2
+export_keytab testuser2/om testuser2
+export_keytab testuser2/recon testuser2
+export_keytab testuser2/s3g testuser2
+export_keytab testuser2/scm testuser2
+
+export_keytab om/om om
+export_keytab HTTP/om om
+export_keytab testuser/om om
+export_keytab testuser2/om om
+
+export_keytab s3g/s3g s3g
+export_keytab HTTP/s3g s3g
+export_keytab testuser/s3g s3g
+export_keytab testuser2/s3g s3g
+
+export_keytab httpfs/httpfs httpfs
+export_keytab HTTP/httpfs httpfs
+export_keytab testuser/httpfs httpfs
+export_keytab testuser2/httpfs httpfs
+
+export_keytab recon/recon recon
+export_keytab HTTP/recon recon
+export_keytab testuser/recon recon
+export_keytab testuser2/recon recon
+
+export_keytab dn/dn dn
+export_keytab HTTP/dn dn
+export_keytab testuser/dn dn
+export_keytab testuser2/dn dn
+
+export_keytab HTTP/scm HTTP
+export_keytab HTTP/s3g HTTP
+export_keytab HTTP/httpfs HTTP
+export_keytab HTTP/ozone HTTP
+
+export_keytab hadoop/rm hadoop
+
+export_keytab rm/rm rm
+export_keytab nm/nm nm
+export_keytab jhs/jhs jhs
+
+chmod 755 /etc/security/keytabs/*.keytab
+chown 1000. /etc/security/keytabs/*.keytab
+
+krb5kdc -n
diff --git a/hadoop-ozone/dist/src/main/compose/ozonesecure-ha/docker-compose.yaml b/hadoop-ozone/dist/src/main/compose/ozonesecure-ha/docker-compose.yaml
index 354f718ade7b..e48d3cb9b050 100644
--- a/hadoop-ozone/dist/src/main/compose/ozonesecure-ha/docker-compose.yaml
+++ b/hadoop-ozone/dist/src/main/compose/ozonesecure-ha/docker-compose.yaml
@@ -22,7 +22,7 @@ services:
     volumes:
       - ../..:/opt/hadoop
       - ../_keytabs:/etc/security/keytabs
-    command: ["krb5kdc","-n"]
+    command: ["/opt/hadoop/compose/common/init-kdc.sh"]
     networks:
       ozone_net:
         ipv4_address: 172.25.0.100
diff --git a/hadoop-ozone/dist/src/main/compose/ozonesecure-mr/docker-compose.yaml b/hadoop-ozone/dist/src/main/compose/ozonesecure-mr/docker-compose.yaml
index f0b094447d0a..4db7576bd223 100644
--- a/hadoop-ozone/dist/src/main/compose/ozonesecure-mr/docker-compose.yaml
+++ b/hadoop-ozone/dist/src/main/compose/ozonesecure-mr/docker-compose.yaml
@@ -22,7 +22,7 @@ services:
     volumes:
       - ../..:/opt/hadoop
       - ../_keytabs:/etc/security/keytabs
-    command: ["krb5kdc","-n"]
+    command: ["/opt/hadoop/compose/common/init-kdc.sh"]
   kms:
     image: ${HADOOP_IMAGE}:${HADOOP_VERSION}
     dns_search: .
diff --git a/hadoop-ozone/dist/src/main/compose/ozonesecure/docker-compose.yaml b/hadoop-ozone/dist/src/main/compose/ozonesecure/docker-compose.yaml
index f0b4aee1b351..f3e372964bb7 100644
--- a/hadoop-ozone/dist/src/main/compose/ozonesecure/docker-compose.yaml
+++ b/hadoop-ozone/dist/src/main/compose/ozonesecure/docker-compose.yaml
@@ -22,7 +22,7 @@ services:
     volumes:
       - ../..:/opt/hadoop
       - ../_keytabs:/etc/security/keytabs
-    command: ["krb5kdc","-n"]
+    command: ["/opt/hadoop/compose/common/init-kdc.sh"]
   kms:
     image: ${HADOOP_IMAGE}:${HADOOP_VERSION}
     hostname: kms
diff --git a/hadoop-ozone/dist/src/main/compose/upgrade/compose/ha/docker-compose.yaml b/hadoop-ozone/dist/src/main/compose/upgrade/compose/ha/docker-compose.yaml
index 86ebcc0c2b0b..8235f2137498 100644
--- a/hadoop-ozone/dist/src/main/compose/upgrade/compose/ha/docker-compose.yaml
+++ b/hadoop-ozone/dist/src/main/compose/upgrade/compose/ha/docker-compose.yaml
@@ -67,7 +67,7 @@ x-volumes:
 
 services:
   kdc:
-    command: ["krb5kdc","-n"]
+    command: ["/opt/hadoop/compose/common/init-kdc.sh"]
     hostname: kdc
     image: ${OZONE_TESTKRB5_IMAGE}
     networks:
diff --git a/hadoop-ozone/dist/src/main/compose/xcompat/new-cluster.yaml b/hadoop-ozone/dist/src/main/compose/xcompat/new-cluster.yaml
index 0f7105b8ccfb..275338d7e709 100644
--- a/hadoop-ozone/dist/src/main/compose/xcompat/new-cluster.yaml
+++ b/hadoop-ozone/dist/src/main/compose/xcompat/new-cluster.yaml
@@ -34,7 +34,7 @@ services:
     volumes:
       - ../..:/opt/hadoop
       - ../_keytabs:/etc/security/keytabs
-    command: [ "krb5kdc","-n" ]
+    command: ["/opt/hadoop/compose/common/init-kdc.sh"]
   kms:
     image: ${HADOOP_IMAGE}:${HADOOP_VERSION}
     hostname: kms
diff --git a/hadoop-ozone/dist/src/main/compose/xcompat/old-cluster.yaml b/hadoop-ozone/dist/src/main/compose/xcompat/old-cluster.yaml
index fceb8e6eb3cc..e3df1b3dda0b 100644
--- a/hadoop-ozone/dist/src/main/compose/xcompat/old-cluster.yaml
+++ b/hadoop-ozone/dist/src/main/compose/xcompat/old-cluster.yaml
@@ -34,7 +34,7 @@ services:
     volumes:
       - ../..:/opt/ozone
       - ../_keytabs:/etc/security/keytabs
-    command: [ "krb5kdc","-n" ]
+    command: ["/opt/ozone/compose/common/init-kdc.sh"]
   kms:
     image: ${HADOOP_IMAGE}:${HADOOP_VERSION}
     hostname: kms
diff --git a/hadoop-ozone/dist/src/main/keytabs/HTTP.keytab b/hadoop-ozone/dist/src/main/keytabs/HTTP.keytab
deleted file mode 100755
index d1715a75062729608dd21db062b3dafa105015d7..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 580
zcmZQ&VqjqKW?*9Ac8zfK4e)W*bN2UTVDShE31DC@PR<3&GNv0_)-y5)F(_<b>HJbN
zV*0DzMSS&UGgU9}-05=i%`jp3<SgEQ?0OzhEdwJETN7iPAcMf3_|~^)jl9mKtH#*b
ztZbhS)sE9O#_1pxaMvhl&$z(&t=yv4+dI);`|_jscdEVeYh+!ys!ncbY53bg$Ti5u
z0bLWz6cGG!{)#h~6JPW>&Y7|Ws@)H}XV@}IN($17Q5-a7^P4AkeDnXw>`C-ah>HuE
zG}k~wbIoe2XS;K1*SxoW3pLS>NE3l>nt1A5fT(cS$FSLqatux^K2Q^Uv75k}UzMMi
zisGcsubWl;%zo+~(|UHwB33YIMPuyNE6=B?9uGfeT6}^f9%`U1aRvfibXH%np0hFH
Qa*mzZKLz$b??DCt00SwT&;S4c

diff --git a/hadoop-ozone/dist/src/main/keytabs/dn.keytab b/hadoop-ozone/dist/src/main/keytabs/dn.keytab
deleted file mode 100755
index 4b5c8c252e106f9d3bd3a74f32ab3aaf22c07123..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 576
zcmZQ&VqjqKU|?e4c8zfK4e)W*bN2UTU`ojYV+IDsbYshUMg}1Ug;LQ=y?-8ESyJ-$
z=^CFLnb_#}dn}f}%dM<iQgvyA%p^^qIgCJTLC`Eg27!Vzl6BuzPZ_ETs0IDHT73qp
z*9%=Qi$_RE0ESD1dat%#4Bxc<cC@!^>g@jxGk)AS@n-YZ*f$af^lUi48A467BEmGF
zTavmtd;E4->02$F#kOSmy&q8Be(1V6N>YnUN{dsAFx->&(rKUUy=3#-r_9BTrntw(
zGS3g1@-}|Y0dcnleTK~0P!sKlG!f{glKroLE4ECSnm8+={!Ka88>k8X=q7N&++>8|
zsN+I^J-xXd4P^hm{gQoX`G2zm6J>XAxmL5OXobJ6$%(m8BkhSb66h+ipqOVy6TepM
O{bVojLNZnWWCQ?9(W5c|

diff --git a/hadoop-ozone/dist/src/main/keytabs/hadoop.keytab b/hadoop-ozone/dist/src/main/keytabs/hadoop.keytab
deleted file mode 100755
index ae3cd11e70ff98b88c4e5c30619f36b1769c2506..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 146
zcmZQ&VqjqKVPIn5c8zfK4e)W*bN2UTV9Q8M$<HrfU@FQ5N;9S#Th=o&2r(!`maca?
zysb9n{<-5SY0uA{Z&;UDT-ajv--F%t!ig!_i$IEj*oG+c1Q`TMPX6)BJ>4c!^zuLF
K=T40uApHQMODl;0

diff --git a/hadoop-ozone/dist/src/main/keytabs/httpfs.keytab b/hadoop-ozone/dist/src/main/keytabs/httpfs.keytab
deleted file mode 100755
index e5eec5375cb900d6bdd672b2e9efe7b301372629..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 616
zcmZQ&VqjnhU|?e4c8zfK4e)W*bN2UTV9O{eDM%}Z(+muZ>Bg4zj0{2y3cEL`&z(`!
z?RjDTI*nDE1%EzTA{K5cbwGf}PN3+`4%6R2^B95HfoL-Y83dyEl5YE)Fy8AjQ~vOp
z!@u`H&G17vgT*5xBmk?crfh!m<c@FtKbbv=-U)GWA(Q4BXlSlkZS`z-PVJia)^DLE
z+7W3Y&`lFhoeK~Z?)n%un^BIziNyzMLJ+zM93`p6C8fowMOfWse<6NB-Lplyfz7*E
zueAR($%|YOa(04Xretkmi0}3HolsMqNH7)Xwy;UQH}3OHXbk=Rsv_pwlr>OOg3(Rk
zgt^TKtK+!qoHabOWAk##gd4X%_z-!T;ZEqxc~ji32{^Rv*u!fAHP)FFV}Y)F^eX66
Tn~##<tD3D5+iYL>f{XzGW;(HG

diff --git a/hadoop-ozone/dist/src/main/keytabs/jhs.keytab b/hadoop-ozone/dist/src/main/keytabs/jhs.keytab
deleted file mode 100755
index d7cd324ec560b8d0e5ee54e7ff46beb6f6a2afa6..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 142
zcmZQ&VqjqKVqjw6c8zfK4e)W*bN2UTV9v@Yh7b%4jOoUf^^6Qc3<^^}XNeu$vp`4s
z{esiyREs8TT({VLc4-hN*HRzd_gPwZfF>~lu@w=f2{H)0v)z&NBl@$<r{ilEygSyo
H8KfHkYJ@3@

diff --git a/hadoop-ozone/dist/src/main/keytabs/nm.keytab b/hadoop-ozone/dist/src/main/keytabs/nm.keytab
deleted file mode 100755
index 7b73f49a05925c4b4ac76a12410128f64756b84e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 138
zcmZQ&VqjqKU|?e4c8zfK4e)W*bN2UTV9Lt{V+IDsbYshUMg}1Ug%vz}!K>#5uWq|{
zsh!p0sLm$=CO7skclK<v-&$W&dg?pS97Z6vAZV5#gTTIHr=GVrIj*zKo4r%u(A#{F
FUI2gECY}HQ

diff --git a/hadoop-ozone/dist/src/main/keytabs/om.keytab b/hadoop-ozone/dist/src/main/keytabs/om.keytab
deleted file mode 100755
index f6ef6fcbbca854673cf676e17a9e8abd10eaff06..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 576
zcmZQ&VqjqKU|?e4c8zfK4e)W*bN2UTV9L)0V+IDsbYshUMg}1Ug%X~gRg<18?Z0w4
ze|Lxe3^@hq%qqXG0<kG8H!I{Eohb}7hY^S^2%06xAi(jN^=jC@6#}e9_s=9hOPB@K
z>xHhD#Umsn0K+Aj{u5b>9Ksxn%sT~+|J5ig48GR?T6^o~ntg&hw|v~d3^mP)2-ARW
z*?!G>^NYl#X3`3UuHO&M_zTtThpwBWB(=Dtv^cd0!#%xo=jK;QJ}`|6^_UYh-C^qe
zR-v+V$9ZWFPwqQ1t@l67cXmXY2z1kalivT9_oN<AoR<5L<Kt^3sGI!JP2hyN$q2(y
z`5XR~#_EbWKTmp>{^Ll)vc0z=e;Xcnz0TJo<ZHXw#x|&t_QV<qbXC}Dn^i9zBo1Dj
N*L_FlpJE)y2mnozq*MR^

diff --git a/hadoop-ozone/dist/src/main/keytabs/recon.keytab b/hadoop-ozone/dist/src/main/keytabs/recon.keytab
deleted file mode 100755
index 7d0bd3cc3a214559eb6e81a9e709cf27fb00a75b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 606
zcmZQ&VqjqKV_;(7c8zfK4e)W*bN2UTU@b~b&d-BU3=E9v#+LPr3_=VFCkx}vdd^Ka
zFFN&sLD8L+u@!sQxb5wZuu0w=+`l=-v>j*~BM{pWX`&#5z%n=Q#CvS@e~&yW<lglC
z(?+NXzUU^fc!Y!mU~>}BuEm!<CwV`)_3HfL{qIlx3aw;&UJz~Z=4Q6S<K2h%tcMzC
zOPql~7wJU4G3)HFTXp)5(2Bo~XJw!U1fm<jQIc9*Qd*o^gw0hMo0h)X$*=Kr?}^Cv
zWMQ+NER$xuO+LOV<BUSYhrlMsA5cRbi8mDJGL8_Igyorw3!QCRL%kMTg+UDoLN|mH
z<}xE}PTM(WSE-Kr<@WIP_cO|^LLca+Z($bmd?9!6vHmgd$7}PTraF;eD$s2^_pW3R
Sa1D)WzHoKb+$Nq}kSPGkG_k(`

diff --git a/hadoop-ozone/dist/src/main/keytabs/rm.keytab b/hadoop-ozone/dist/src/main/keytabs/rm.keytab
deleted file mode 100755
index 546b4a476d214f0e687dcc47f9fc16365a417b7f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 138
zcmZQ&VqjqKU|?e4c8zfK4e)W*bN2UTU@FQ5V+IDsbYshUMg}1U1r-^lk}uPww;j#t
z{k(5t{`z;R92uXQSk7ooP1BL(v3dzKhY^S^2%06xAdn^6yX(jEcXy9-eDqs$=2Im|
FF91fyCW!z5

diff --git a/hadoop-ozone/dist/src/main/keytabs/s3g.keytab b/hadoop-ozone/dist/src/main/keytabs/s3g.keytab
deleted file mode 100755
index 1361eecee61b7ca066143517fe11214052e0b44c..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 586
zcmZQ&VqjqKVqjw6c8zfK4e)W*bN2UTU@kUJhY$=5jOoUf^^6Qc3<?wU=6$Npc)y;v
zH$t*YDRx0<z;V6}heg)i*?#*^@|-9Gph=8CY(<1=f(!x=zkEx&mGpZ1&Z4cpJ=PU_
zp}M`%b+dScgalwZMoD|d1;%gX7Pa2qiT>J`AH}~@?Ui36>&jJiazjhQ-wvp8*2EYG
zbWJQ%K=8}?E6!X_e9`APXUZ0+c7Js393`p6C8fowMVKzSbl`-ySp7Pa)M;YtI`=N9
zuJ*T>v8`d21jEefioZ2p^+AoaC)P-yt3;*GteL%#_wJ$<>k@5FM7@L>5rA$4C(Knw
zn9kyA?0+?{Q}(m|=es{j1IlNynLjZ!U^pF}9~rXvK3{h>)JzAW%>=s3{<(g^)j4+8
PPrcGl+j9K%c90nW=uM^X

diff --git a/hadoop-ozone/dist/src/main/keytabs/scm.keytab b/hadoop-ozone/dist/src/main/keytabs/scm.keytab
deleted file mode 100755
index 531f97a1b79ddcf21d88f47650acaf3f447a3861..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 586
zcmZQ&VqjqKVqjw6c8zfK4e)W*bN2UTU@lJ1g%Au3jOoUfb&L!`3<}@kSlxTo{Hv2C
z%uX)){qlZ{%Jy@iT}rQ)SuQfst30$4Xc8k3TM=QJAcH{3id9?I_DC*LEj2AFTd#Bh
zs@oe~H;YF|NC2i|wy$)4sTnc-RqrCcdb63T7kKV;Ir(OoFnn?r?>}}u4`>?LG1kNw
z2XxJz_|~^)jl9mKtH#*btZbhS)$Wh3oueeRxTLf=wFuKiT`C{dr@vxOf3xa$^7Xa<
zJmt1{s6FyJ5%@Xu-KJd|)#gKuv?ta`psNC=35D(7cK>l>mge54&pg*cjR-(Df)nN{
zBTQ$VxbysFd-l%-asC_$k@gLTo~_t7bAF#)-paq9_&3~iw1t}KK(v`acjZ-D3;qoM
QlfKX_LL~9PPD_v(0K$l;qyPW_

diff --git a/hadoop-ozone/dist/src/main/keytabs/testuser.keytab b/hadoop-ozone/dist/src/main/keytabs/testuser.keytab
deleted file mode 100755
index c373cf5019ee64bcf2ebcc4cde6a1a69d7641a2a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 908
zcmZQ&VqjqKV_;(7c8zfK4e)W*bN2UT;3!EgE-5WeEn;9w$pb22OgFZyXJim!P)K{}
zv`_Y4via>(=Hf<E++$;z=Lb!B8^7m(xZ8q0L*{IdVj#97(nLW9fs*~Ne=D|3n3^~%
zq5e%d*Bht_LAXs|%P1)+NGnEhm;HtK1$ECB=>|6MV!hJ-(<Co)MabC+f|-)Fi6Oq%
z-*-Yybt1u3pxeSG`QEtCGodl`_p6GSZ&TJlO~Dsl`MD_W>YY0`ze@6fX;i4koS^9r
zQ}4G5m8Cn*OM7^7-;rs(|7Sr>#1~%3CIa2G-=z1y<vpp#6Q|`q<oNhn32H(hZlAFh
zr6%X2Mq|dNrLT7KYdqb1BC<VM*lZ`uq#19MkFUx&qY&{Su*vZU)KEv_4F$T4BZMVk
zdFJ9mXPeeguf<kjP(%E28^T;{oDNb2PhOV}obVQ_UuTj!O>AA~-UZdw{uVQ~HO!J=
zm^oeXx5leJsFC)>8VPijsPvgNvlsH-U9@6dqRok@m&CX#88s5SR6eRtf5n{sX4UWH
z>udjc%5Cvbd*pQ@@N?+9O}jR#%_qiH$VLKP6);UGZ2z|Vj~lZz_db2*xfWyu0OsEc
A>i_@%

diff --git a/hadoop-ozone/dist/src/main/keytabs/testuser2.keytab b/hadoop-ozone/dist/src/main/keytabs/testuser2.keytab
deleted file mode 100755
index da5d6a99e5322c1da4befebdd001f2943378e002..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 920
zcmZQ&VqjqKXJBIBc8zfK4e)W*bN2UT;4DckE-5WeEiz(YO34GNU`#i*tY>5pVo*3P
z^w-my+tEPw@7pighnD|0J1|jp_m*oln~GNW+nSu13sMZk_QV<~$RHpV6!Xkz;@673
zpX>!*NX804jR?kL1Y1T)NkLjMip#j`oHabOWAk##gd4X%_z-!T;ZEqxc~ji32{^Rv
z*u!fAHP)FFV}Y)F^eX66n~##<tD3D5+iYL>LXE*2X8E}&F3aEWuQXOy%=vlJyYwGN
z8kX(775Urn!0UCs9wA@b#WuD<jl>&f$VLKP6}H-D)k_D7gBRy@-_iM}7zZ^X2#@Dj
zi&B&GQ6qEboL!|l>X+NY*Wb@5w+elro4$ov%=3lZ!N>Z?ydSRxD+ZeEM1rY6x9!}!
zl0m>VG^+W+)m3wwc)(!+G$jC!Da^&j=^!t_lNncI|EqbOvY+)o-~CY<P(F*z{E49f
z!|CY!$dJYN`MR^A{&gVQOrX2$pX(P~onv?X)GPh8EyrJPhnj)kUCF3XdE(CVm+jd<
z7sUB<Bt+Ub9D255-^}@ac6lrRe&XM7)6teFcOjbzbXQ)bwcyY2Kj{n2B194o?6d@#
F0RUjm4F>=K

diff --git a/hadoop-ozone/dist/src/main/keytabs/update-keytabs.sh b/hadoop-ozone/dist/src/main/keytabs/update-keytabs.sh
deleted file mode 100755
index 5094a6bf8570..000000000000
--- a/hadoop-ozone/dist/src/main/keytabs/update-keytabs.sh
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-SCRIPT_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )
-set -ex
-
-export_keytab() {
-   kadmin.local -q "ktadd -norandkey -k /etc/security/keytabs/$2.keytab $1@EXAMPLE.COM"
-}
-
-#this section supposed to be executed inside a docker image which already
-#has these credentials
-#
-# the rest of the code executes this part inside a container
-#
-if [ "$1" == "internal" ]; then
-   rm /etc/security/keytabs/*.keytab
-
-   export_keytab scm/scm scm
-   export_keytab HTTP/scm scm
-   export_keytab testuser/scm scm
-   export_keytab testuser2/scm scm
-
-   export_keytab testuser/dn testuser
-   export_keytab testuser/httpfs testuser
-   export_keytab testuser/om testuser
-   export_keytab testuser/recon testuser
-   export_keytab testuser/s3g testuser
-   export_keytab testuser/scm testuser
-
-   export_keytab testuser2/dn testuser2
-   export_keytab testuser2/httpfs testuser2
-   export_keytab testuser2/om testuser2
-   export_keytab testuser2/recon testuser2
-   export_keytab testuser2/s3g testuser2
-   export_keytab testuser2/scm testuser2
-
-   export_keytab om/om om
-   export_keytab HTTP/om om
-   export_keytab testuser/om om
-   export_keytab testuser2/om om
-
-   export_keytab s3g/s3g s3g
-   export_keytab HTTP/s3g s3g
-   export_keytab testuser/s3g s3g
-   export_keytab testuser2/s3g s3g
-
-   export_keytab httpfs/httpfs httpfs
-   export_keytab HTTP/httpfs httpfs
-   export_keytab testuser/httpfs httpfs
-   export_keytab testuser2/httpfs httpfs
-
-   export_keytab recon/recon recon
-   export_keytab HTTP/recon recon
-   export_keytab testuser/recon recon
-   export_keytab testuser2/recon recon
-
-   export_keytab dn/dn dn
-   export_keytab HTTP/dn dn
-   export_keytab testuser/dn dn
-   export_keytab testuser2/dn dn
-
-   export_keytab HTTP/scm HTTP
-   export_keytab HTTP/s3g HTTP
-   export_keytab HTTP/httpfs HTTP
-   export_keytab HTTP/ozone HTTP
-
-   export_keytab hadoop/rm hadoop
-
-   export_keytab rm/rm rm
-   export_keytab nm/nm nm
-   export_keytab jhs/jhs jhs
-
-
-
-   chmod 755 /etc/security/keytabs/*.keytab
-   chown 1000. /etc/security/keytabs/*.keytab
-   exit 0
-fi
-
-TESTKRB5_IMAGE=$(mvn -f "$SCRIPT_DIR"/../../../pom.xml help:evaluate -Dexpression=docker.ozone-testkr5b.image -q -DforceStdout -Dscan=false)
-
-docker run -it --entrypoint=/etc/security/keytabs/update-keytabs.sh -v "$SCRIPT_DIR":/etc/security/keytabs $TESTKRB5_IMAGE internal
-
-