Skip to content

Updating Passwords for Ranger Service Users

Overview

Managing secure credentials for Ranger's internal service users such as admin, rangerusersync, and rangertagsync is crucial for maintaining system security and functionality. These service accounts perform essential operations, such as synchronizing user data, managing tag-based policies, and providing administrative control over the Ranger system. Password updates for these accounts must be executed carefully to avoid service disruptions.

Understanding Ranger Service Users:

  • admin: The admin user is the primary administrative account for the Ranger system. It is used to manage policies, users, and other system configurations.
  • rangerusersync: The rangerusersync user is responsible for synchronizing user data between the Ranger system and the connected data sources.
  • rangertagsync: The rangertagsync user is responsible for creating tags pushed through tagsync to the Ranger system.

Updating Passwords for Ranger Service Users:

Perform the following steps to securely update the password for the Ranger service user:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    1
    cd ~/privacera/privacera-manager/
  3. Run the following command to copy the sample vars. The -n flag prevents overwriting the file if it already exists:
    Bash
    1
    cp -n config/sample-vars/vars.ranger.admin.yml config/custom-vars/

  4. Run the following command to open the .yml file for editing.

    Bash
    1
    vi config/custom-vars/vars.ranger.admin.yml
    Add or update the following property:

    Variable Definition
    RANGER_ADMIN_PASSWORD Update password for Ranger admin user passowrd. Default is welcome1
    RANGER_TAGSYNC_PASSWORD Update password for rangertagsync user. Default is welcome1
    RANGER_USERSYNC_PASSWORD Update password for rangerusersync user. Default is welcome1
    YAML
    1
2
3
    RANGER_ADMIN_PASSWORD: "<<PLEASE CHANGE>>"
RANGER_TAGSYNC_PASSWORD: "<<PLEASE CHANGE>>"
RANGER_USERSYNC_PASSWORD: "<<PLEASE CHANGE>>"

Updating Admin Password for Privacera Portal

Perform the following steps to securely update the password for the Admin user:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    1
    cd ~/privacera/privacera-manager/
  3. Run the following command to copy the sample vars. The -n flag prevents overwriting the file if it already exists:
    Bash
    1
    cp -n config/sample-vars/vars.portal.yml config/custom-vars/

  4. Run the following command to open the .yml file for editing.

    Bash
    1
    vi config/custom-vars/vars.portal.yml
    Add or update the following property:

    Variable Definition
    PRIVACERA_PORTAL_RANGER_USERNAME Ranger admin user. Default is admin
    PRIVACERA_PORTAL_RANGER_USER_PASSWORD Update password for Ranger user password. Default is welcome1
    YAML
    1
2
    PRIVACERA_PORTAL_RANGER_USERNAME: "<<PLEASE CHANGE>>"
PRIVACERA_PORTAL_RANGER_USER_PASSWORD: "<<PLEASE CHANGE>>"

Updating rangerusersync Password for Privacera Usersync

Perform the following steps to securely update the password for the rangerusersync user:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    1
    cd ~/privacera/privacera-manager/
  3. Run the following command to copy the sample vars. The -n flag prevents overwriting the file if it already exists:
    Bash
    1
    cp -n config/sample-vars/vars.privacera-usersync.yml config/custom-vars/

  4. Run the following command to open the .yml file for editing.

    Bash
    1
    vi config/custom-vars/vars.privacera-usersync.yml
    Add or update the following property:

    Variable Definition
    PRIVACERA_USERSYNC_RANGER_USERNAME Ranger rangerusersync user. Default is admin
    PRIVACERA_USERSYNC_RANGER_PASSWORD Update password for rangerusersync password. Default is welcome1
    YAML
    1
2
    PRIVACERA_USERSYNC_RANGER_USERNAME: "<<PLEASE CHANGE>>"
PRIVACERA_USERSYNC_RANGER_PASSWORD: "<<PLEASE CHANGE>>"

Updating rangertagsync Password for Ranger Tagsync

Perform the following steps to securely update the password for the rangertagsync user:

  1. SSH into the instance where Privacera Manager is installed.
  2. Navigate to the privacera-manager directory using the following command:
    Bash
    1
    cd ~/privacera/privacera-manager/
  3. Run the following command to copy the sample vars. The -n flag prevents overwriting the file if it already exists:
    Bash
    1
    cp -n config/sample-vars/vars.ranger-tagsync.yml config/custom-vars/

  4. Run the following command to open the .yml file for editing.

    Bash
    1
    vi config/custom-vars/vars.ranger-tagsync.yml
    Add or update the following property:

    Variable Definition
    RANGER_TAGSYNC_PASSWORD Update passowrd for rangertagsync user. Default is welcome1
    YAML
    1
    RANGER_TAGSYNC_PASSWORD: "<<PLEASE CHANGE>>"

Once the properties are configured, update your Privacera Manager platform instance by following the

Bash
1
2
3
cd ~/privacera/privacera-manager
./privacera-manager.sh setup
./pm_with_helm.sh upgrade

Comments