Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12344

Improve validateSocketPathSecurity0 error message

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: net
    • Labels:
      None
    • Target Version/s:

      Description

      When a socket path does not have the correct permissions, an error is thrown.

      That error just has the failing component of the path and not the entire path of the socket.

      The entire path of the socket could be printed out to allow for a direct check of the permissions of the entire path.

      java.io.IOException: the path component: '/' is world-writable.  Its permissions are 0077.  Please fix this or select a different socket path.
      	at org.apache.hadoop.net.unix.DomainSocket.validateSocketPathSecurity0(Native Method)
      	at org.apache.hadoop.net.unix.DomainSocket.bindAndListen(DomainSocket.java:189)
      ...
      

      The error message could also provide the socket path:

      java.io.IOException: the path component: '/' is world-writable.  Its permissions are 0077.  Please fix this or select a different socket path than '/var/run/hdfs-sockets/dn'
      
      1. HADOOP-12344.patch
        2 kB
        Casey Brotherton
      2. HADOOP-12344.001.patch
        6 kB
        Casey Brotherton
      3. HADOOP-12344.002.patch
        6 kB
        Casey Brotherton
      4. HADOOP-12344.003.patch
        7 kB
        Casey Brotherton
      5. HADOOP-12344.004.patch
        7 kB
        Casey Brotherton

        Issue Links

          Activity

          Hide
          alanburlison Alan Burlison added a comment -

          Thanks Colin P. McCabe I wasn't sure what the standard process was, reopen or create a new one. I see Mingliang Liu has expressed an interest in picking the bug up over on HADOOP-12560 - works for me

          Show
          alanburlison Alan Burlison added a comment - Thanks Colin P. McCabe I wasn't sure what the standard process was, reopen or create a new one. I see Mingliang Liu has expressed an interest in picking the bug up over on HADOOP-12560 - works for me
          Hide
          cmccabe Colin P. McCabe added a comment -

          Hi Alan Burlison, I filed HADOOP-12560 as a follow-on to fix those sprintf warnings. Thanks for reporting this. Also feel free to take HADOOP-12560 if you want to (or I will take it later)

          Show
          cmccabe Colin P. McCabe added a comment - Hi Alan Burlison , I filed HADOOP-12560 as a follow-on to fix those sprintf warnings. Thanks for reporting this. Also feel free to take HADOOP-12560 if you want to (or I will take it later)
          Hide
          alanburlison Alan Burlison added a comment -

          This fix introduced multiple sprintf format warnings which need attention.

               [exec] op/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:488:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 6 has type ‘long long int’ [-Wformat=]
               [exec]           check, path, mode, (long long)st.st_uid, (long long)st.st_gid, check);
               [exec]           ^
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:488:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 7 has type ‘long long int’ [-Wformat=]
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:500:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 6 has type ‘long long int’ [-Wformat=]
               [exec]           check, check);
               [exec]           ^
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:500:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 7 has type ‘long long int’ [-Wformat=]
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 6 has type ‘long long int’ [-Wformat=]
               [exec]           (long long)uid, check, (long long)uid, check);
               [exec]           ^
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 7 has type ‘long long int’ [-Wformat=]
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 8 has type ‘long long int’ [-Wformat=]
               [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 10 has type ‘long long int’ [-Wformat=]
          
          Show
          alanburlison Alan Burlison added a comment - This fix introduced multiple sprintf format warnings which need attention. [exec] op/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:488:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 6 has type ‘ long long int ’ [-Wformat=] [exec] check, path, mode, ( long long )st.st_uid, ( long long )st.st_gid, check); [exec] ^ [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:488:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 7 has type ‘ long long int ’ [-Wformat=] [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:500:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 6 has type ‘ long long int ’ [-Wformat=] [exec] check, check); [exec] ^ [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:500:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 7 has type ‘ long long int ’ [-Wformat=] [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 6 has type ‘ long long int ’ [-Wformat=] [exec] ( long long )uid, check, ( long long )uid, check); [exec] ^ [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 7 has type ‘ long long int ’ [-Wformat=] [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 8 has type ‘ long long int ’ [-Wformat=] [exec] /pool/home/alanbur/bigdata/hadoop/hadoop-common-project/hadoop-common/src/main/ native /src/org/apache/hadoop/net/unix/DomainSocket.c:513:10: warning: format ‘%ld’ expects argument of type ‘ long int ’, but argument 10 has type ‘ long long int ’ [-Wformat=]
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk #2429 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2429/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/CHANGES.txt
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #2429 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2429/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #491 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/491/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/CHANGES.txt
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #491 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/491/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #534 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/534/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          • hadoop-common-project/hadoop-common/CHANGES.txt
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #534 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/534/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c hadoop-common-project/hadoop-common/CHANGES.txt
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #523 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/523/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/CHANGES.txt
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #523 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/523/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/CHANGES.txt
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Mapreduce-trunk #2469 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2469/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/CHANGES.txt
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #2469 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2469/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk #1258 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/1258/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/CHANGES.txt
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk #1258 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/1258/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-trunk-Commit #8622 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8622/)
          HADOOP-12344. Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641)

          • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java
          • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java
          • hadoop-common-project/hadoop-common/CHANGES.txt
          • hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #8622 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8622/ ) HADOOP-12344 . Improve validateSocketPathSecurity0 error message (Casey (cmccabe: rev 6716f159645639edc669900308250492dfef5641) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/net/unix/DomainSocket.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/net/unix/TestDomainSocket.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/net/unix/DomainSocket.c
          Hide
          cmccabe Colin P. McCabe added a comment -

          +1. Thanks, Casey Brotherton.

          Show
          cmccabe Colin P. McCabe added a comment - +1. Thanks, Casey Brotherton .
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Hello You're probably looking for cmccabe, aka Colin Patrick McCabe,

          Are there any further concerns with the message?
          Just checked, the patch applies still with the current trunk.

          Thanks,
          Casey

          Show
          caseyjbrotherton Casey Brotherton added a comment - Hello You're probably looking for cmccabe, aka Colin Patrick McCabe , Are there any further concerns with the message? Just checked, the patch applies still with the current trunk. Thanks, Casey
          Hide
          hadoopqa Hadoop QA added a comment -



          +1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 17m 27s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 56s There were no new javac warning messages.
          +1 javadoc 10m 6s There were no new javadoc warning messages.
          +1 release audit 0m 24s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 1m 12s There were no new checkstyle issues.
          +1 whitespace 0m 1s The patch has no lines that end in whitespace.
          +1 install 1m 29s mvn install still works.
          +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse.
          +1 findbugs 1m 55s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 23m 4s Tests passed in hadoop-common.
              64m 10s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12755306/HADOOP-12344.004.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / f103a70
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/testReport/
          Java 1.7.0_55
          uname Linux asf902.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 pre-patch 17m 27s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 56s There were no new javac warning messages. +1 javadoc 10m 6s There were no new javadoc warning messages. +1 release audit 0m 24s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 1m 12s There were no new checkstyle issues. +1 whitespace 0m 1s The patch has no lines that end in whitespace. +1 install 1m 29s mvn install still works. +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse. +1 findbugs 1m 55s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 23m 4s Tests passed in hadoop-common.     64m 10s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12755306/HADOOP-12344.004.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / f103a70 hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/testReport/ Java 1.7.0_55 uname Linux asf902.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7633/console This message was automatically generated.
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          I kept with using the three new IOexceptions instead of a static string with PATH_MAX length.

          Have cast the uid/gid's to long long.

          Fixed the lines above 80 columns that I have modified, and the indents.

          Checked the whitespace before creating the patch.

          Show
          caseyjbrotherton Casey Brotherton added a comment - I kept with using the three new IOexceptions instead of a static string with PATH_MAX length. Have cast the uid/gid's to long long. Fixed the lines above 80 columns that I have modified, and the indents. Checked the whitespace before creating the patch.
          Hide
          cmccabe Colin P. McCabe added a comment -

          Thanks, Casey Brotherton.

          In this case, PATH_MAX is more than long enough, since domain socket paths cannot be longer than about 108 characters on Linux. The longest domain socket path length is determined by the length of the sun_path field in sockaddr_un.

          We already bail out if the path is too long earlier, so there should be no issue in just using a static length. I would prefer just to create another array of size PATH_MAX and do an strcpy.

          I see some lines longer than 80 columns, and some lines with missing indentation. Also, please cast st.st_uid and st.st_gid to long long and use %ld, since technically we don't know their length on various systems.

          Show
          cmccabe Colin P. McCabe added a comment - Thanks, Casey Brotherton . In this case, PATH_MAX is more than long enough, since domain socket paths cannot be longer than about 108 characters on Linux. The longest domain socket path length is determined by the length of the sun_path field in sockaddr_un . We already bail out if the path is too long earlier, so there should be no issue in just using a static length. I would prefer just to create another array of size PATH_MAX and do an strcpy. I see some lines longer than 80 columns, and some lines with missing indentation. Also, please cast st.st_uid and st.st_gid to long long and use %ld , since technically we don't know their length on various systems.
          Hide
          hadoopqa Hadoop QA added a comment -



          -1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 17m 18s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 56s There were no new javac warning messages.
          +1 javadoc 10m 10s There were no new javadoc warning messages.
          +1 release audit 0m 25s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 1m 10s There were no new checkstyle issues.
          -1 whitespace 0m 0s The patch has 2 line(s) that end in whitespace. Use git apply --whitespace=fix.
          +1 install 1m 33s mvn install still works.
          +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse.
          +1 findbugs 1m 52s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 23m 38s Tests passed in hadoop-common.
              64m 40s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12753924/HADOOP-12344.003.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / 09c64ba
          whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/artifact/patchprocess/whitespace.txt
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/testReport/
          Java 1.7.0_55
          uname Linux asf909.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 pre-patch 17m 18s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 56s There were no new javac warning messages. +1 javadoc 10m 10s There were no new javadoc warning messages. +1 release audit 0m 25s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 1m 10s There were no new checkstyle issues. -1 whitespace 0m 0s The patch has 2 line(s) that end in whitespace. Use git apply --whitespace=fix. +1 install 1m 33s mvn install still works. +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse. +1 findbugs 1m 52s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 23m 38s Tests passed in hadoop-common.     64m 40s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12753924/HADOOP-12344.003.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 09c64ba whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/artifact/patchprocess/whitespace.txt hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/testReport/ Java 1.7.0_55 uname Linux asf909.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7586/console This message was automatically generated.
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Three copies of the newIOexception.

          Also noticed and fixed a minor defect in the unit test.

          It checks "/foo" off of the root directory to determine if the root
          directory is secure, as it should be owned by root, and not world writable.

          It does not fail, if you change the permissions of / to be world writable.

          Made a change to the skipComponents parameter that seems to fix the behaviour, and fail correctly while passing with normal root permissions.

          Show
          caseyjbrotherton Casey Brotherton added a comment - Three copies of the newIOexception. Also noticed and fixed a minor defect in the unit test. It checks "/foo" off of the root directory to determine if the root directory is secure, as it should be owned by root, and not world writable. It does not fail, if you change the permissions of / to be world writable. Made a change to the skipComponents parameter that seems to fix the behaviour, and fail correctly while passing with normal root permissions.
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Hello Colin P. McCabe

          Thanks for reviewing the changes. Working on correcting them.

          Reasons for the dynamic allocation changes:
          1) As I changed the error messages, the three very similar messages looked too copy and paste to me.
          I thought it better to have one newIOexception

          2) PATH_MAX on my system is 4096 chars. Seemed better to dynamically allocate instead of reserving 2*PATH_MAX+something
          up front.

          I will change it to be three newIOexceptions, and check the strdup return code, and post a change shortly.

          Thanks,
          Casey

          Show
          caseyjbrotherton Casey Brotherton added a comment - Hello Colin P. McCabe Thanks for reviewing the changes. Working on correcting them. Reasons for the dynamic allocation changes: 1) As I changed the error messages, the three very similar messages looked too copy and paste to me. I thought it better to have one newIOexception 2) PATH_MAX on my system is 4096 chars. Seemed better to dynamically allocate instead of reserving 2*PATH_MAX+something up front. I will change it to be three newIOexceptions, and check the strdup return code, and post a change shortly. Thanks, Casey
          Hide
          cmccabe Colin P. McCabe added a comment -

          ..the secret of having tests match is to make some of the text (e.g. the wiki link) a string constant in the source, with the test using a .contains() probe for it. That way, changes in the text are automatically picked up in the test

          In this case, the string is being generated in the C source and checked in the Java tests, so it would be difficult to have a constant shared between the two.

          The new text looks fine to me, but the code needs work.

          -  for (check[0] = '/', check[1] = '\0', rest = path, token = "";
          +  for (check[0] = '/', check[1] = '\0', rest=strdup(path), rest_free=rest, token = "";
          

          This isn't correctly checking for strdup returning NULL.

          +      jthr = newIOException(env, "failed to stat a path component: '%s' in '%s'.  "
          +          "error code %d (%s).  Ensure that the path is configured correctly.", check, path, ret, terror(ret));
          

          More than 80 columns

          +      perm_msg=(char *)malloc(PATH_MAX+200);
          

          You don't need a typecast here. You do need to check for NULL if you use dynamic allocation (why are you using dynamic allocation anyway?)

          +      snprintf(perm_msg,PATH_MAX+200,"is world-writable. This might help: 'chmod o-w %s'. ",check);
          

          PATH_MAX+200 is really gross. Why don't you just use newIOException, it handles all this string manipulation and dynamic allocation for you?

          Please fix this stuff before you commit.

          Show
          cmccabe Colin P. McCabe added a comment - ..the secret of having tests match is to make some of the text (e.g. the wiki link) a string constant in the source, with the test using a .contains() probe for it. That way, changes in the text are automatically picked up in the test In this case, the string is being generated in the C source and checked in the Java tests, so it would be difficult to have a constant shared between the two. The new text looks fine to me, but the code needs work. - for (check[0] = '/', check[1] = '\0', rest = path, token = ""; + for (check[0] = '/', check[1] = '\0', rest =strdup(path), rest_free= rest , token = ""; This isn't correctly checking for strdup returning NULL. + jthr = newIOException(env, "failed to stat a path component: '%s' in '%s'. " + "error code %d (%s). Ensure that the path is configured correctly." , check, path, ret, terror(ret)); More than 80 columns + perm_msg=( char *)malloc(PATH_MAX+200); You don't need a typecast here. You do need to check for NULL if you use dynamic allocation (why are you using dynamic allocation anyway?) + snprintf(perm_msg,PATH_MAX+200, "is world-writable. This might help: 'chmod o-w %s'. " ,check); PATH_MAX+200 is really gross. Why don't you just use newIOException, it handles all this string manipulation and dynamic allocation for you? Please fix this stuff before you commit.
          Hide
          hadoopqa Hadoop QA added a comment -



          +1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 16m 49s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 41s There were no new javac warning messages.
          +1 javadoc 10m 8s There were no new javadoc warning messages.
          +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 1m 7s There were no new checkstyle issues.
          +1 whitespace 0m 1s The patch has no lines that end in whitespace.
          +1 install 1m 28s mvn install still works.
          +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse.
          +1 findbugs 1m 52s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 22m 51s Tests passed in hadoop-common.
              62m 57s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12753214/HADOOP-12344.002.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / 837fb75
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/testReport/
          Java 1.7.0_55
          uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 pre-patch 16m 49s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 41s There were no new javac warning messages. +1 javadoc 10m 8s There were no new javadoc warning messages. +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 1m 7s There were no new checkstyle issues. +1 whitespace 0m 1s The patch has no lines that end in whitespace. +1 install 1m 28s mvn install still works. +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse. +1 findbugs 1m 52s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 22m 51s Tests passed in hadoop-common.     62m 57s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12753214/HADOOP-12344.002.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 837fb75 hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/testReport/ Java 1.7.0_55 uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7559/console This message was automatically generated.
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Thanks Steve for creating the page!

          Show
          caseyjbrotherton Casey Brotherton added a comment - Thanks Steve for creating the page!
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Fixed the whitespace.

          Show
          caseyjbrotherton Casey Brotherton added a comment - Fixed the whitespace.
          Hide
          stevel@apache.org Steve Loughran added a comment -
          Show
          stevel@apache.org Steve Loughran added a comment - BTW, wrote that page for you: https://wiki.apache.org/hadoop/SocketPathSecurity
          Hide
          stevel@apache.org Steve Loughran added a comment -

          LGTM. Any comments from people who work on the C code?

          Show
          stevel@apache.org Steve Loughran added a comment - LGTM. Any comments from people who work on the C code?
          Hide
          hadoopqa Hadoop QA added a comment -



          -1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 16m 36s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 37s There were no new javac warning messages.
          +1 javadoc 10m 2s There were no new javadoc warning messages.
          +1 release audit 0m 22s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 1m 6s There were no new checkstyle issues.
          -1 whitespace 0m 0s The patch has 4 line(s) that end in whitespace. Use git apply --whitespace=fix.
          +1 install 1m 28s mvn install still works.
          +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse.
          +1 findbugs 1m 55s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 23m 5s Tests passed in hadoop-common.
              62m 47s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12753200/HADOOP-12344.001.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / 837fb75
          whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/artifact/patchprocess/whitespace.txt
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/testReport/
          Java 1.7.0_55
          uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 pre-patch 16m 36s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 37s There were no new javac warning messages. +1 javadoc 10m 2s There were no new javadoc warning messages. +1 release audit 0m 22s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 1m 6s There were no new checkstyle issues. -1 whitespace 0m 0s The patch has 4 line(s) that end in whitespace. Use git apply --whitespace=fix. +1 install 1m 28s mvn install still works. +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse. +1 findbugs 1m 55s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 23m 5s Tests passed in hadoop-common.     62m 47s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12753200/HADOOP-12344.001.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 837fb75 whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/artifact/patchprocess/whitespace.txt hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/testReport/ Java 1.7.0_55 uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7557/console This message was automatically generated.
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Error message will look similar to the following:

          java.io.IOException: The path component: '/tmp/socks.1440952878989.906697189/foo' in '/tmp/socks.1440952878989.906697189/foo/bar/baz' has permissions 0707 uid 500 and gid 500.  It is not protected because it is world-writable. This might help: 'chmod o-w /tmp/socks.1440952878989.906697189/foo' might help. For more information: https://wiki.apache.org/hadoop/SocketPathSecurity
          
          
          Show
          caseyjbrotherton Casey Brotherton added a comment - Error message will look similar to the following: java.io.IOException: The path component: '/tmp/socks.1440952878989.906697189/foo' in '/tmp/socks.1440952878989.906697189/foo/bar/baz' has permissions 0707 uid 500 and gid 500. It is not protected because it is world-writable. This might help: 'chmod o-w /tmp/socks.1440952878989.906697189/foo' might help. For more information: https: //wiki.apache.org/hadoop/SocketPathSecurity
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Hello Harsh J, and Colin P. McCabe,
          Added an inline correction message, it becomes somewhat more beefy, because there isn't one octal perm, but rather, three conditions noted below.

          Hello Steve Loughran,
          Thanks for the hint. The test had a contains, but included the entire message. I changed it to check two shorter strings.

          I also added a link to a non-existent wiki page. The error message is even a bit beefier with the link.

          Let me know if it is too long.

          Suggestions for a wiki page:

          Socket Path Permissions.

          In order to run a secure environment, paths used to contain sockets need to be protected from
          unauthorized access. Otherwise, it is possible that an unprivileged user can perform a
          man-in-the-middle attack by removing the socket and replacing it with a new one.

          In a POSIX filesystem, that means that all of the paths to the directory used for the
          socket need to have the following characteristics:

          1) Not world-writable.
          2) Only group-writable if the group is root.
          3) Either owned by either root, or the user creating the socket.

          For more information, consult your operating system's documentation.
          Here is a link to overall documentation regarding filesystem permissions:
          https://en.wikipedia.org/wiki/File_system_permissions

          For examining the path in more detail, the following commands may be useful:

          namei -om /var/run/hdfs-sockets/dn
          ls -l /var/run/hdfs-sockets/dn

          For changing the path, the following commands may be useful:

          chmod 0755 /var/run/hdfs-sockets/dn
          chown hdfs:hadoop /var/run/hdfs-sockets/dn

          HDFS daemons will fail to start if the sockets are not protected as required.

          Running the tests locally before I attach the patch.

          Show
          caseyjbrotherton Casey Brotherton added a comment - Hello Harsh J , and Colin P. McCabe , Added an inline correction message, it becomes somewhat more beefy, because there isn't one octal perm, but rather, three conditions noted below. Hello Steve Loughran , Thanks for the hint. The test had a contains, but included the entire message. I changed it to check two shorter strings. I also added a link to a non-existent wiki page. The error message is even a bit beefier with the link. Let me know if it is too long. Suggestions for a wiki page: Socket Path Permissions. In order to run a secure environment, paths used to contain sockets need to be protected from unauthorized access. Otherwise, it is possible that an unprivileged user can perform a man-in-the-middle attack by removing the socket and replacing it with a new one. In a POSIX filesystem, that means that all of the paths to the directory used for the socket need to have the following characteristics: 1) Not world-writable. 2) Only group-writable if the group is root. 3) Either owned by either root, or the user creating the socket. For more information, consult your operating system's documentation. Here is a link to overall documentation regarding filesystem permissions: https://en.wikipedia.org/wiki/File_system_permissions For examining the path in more detail, the following commands may be useful: namei -om /var/run/hdfs-sockets/dn ls -l /var/run/hdfs-sockets/dn For changing the path, the following commands may be useful: chmod 0755 /var/run/hdfs-sockets/dn chown hdfs:hadoop /var/run/hdfs-sockets/dn HDFS daemons will fail to start if the sockets are not protected as required. Running the tests locally before I attach the patch.
          Hide
          stevel@apache.org Steve Loughran added a comment -

          It's always annoying when a test has some hard coded string match

          ..the secret of having tests match is to make some of the text (e.g. the wiki link) a string constant in the source, with the test using a .contains() probe for it. That way, changes in the text are automatically picked up in the test

          Show
          stevel@apache.org Steve Loughran added a comment - It's always annoying when a test has some hard coded string match ..the secret of having tests match is to make some of the text (e.g. the wiki link) a string constant in the source, with the test using a .contains() probe for it. That way, changes in the text are automatically picked up in the test
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          Neat. the testcase failure is based on matching the error message.

          Sorry I missed that, will revise.

          I will also make some wiki page entries to talk about why the path needs to be secure, and some commands to check the permissions.

          Thanks,
          Casey

          Show
          caseyjbrotherton Casey Brotherton added a comment - Neat. the testcase failure is based on matching the error message. Sorry I missed that, will revise. I will also make some wiki page entries to talk about why the path needs to be secure, and some commands to check the permissions. Thanks, Casey
          Hide
          cmccabe Colin P. McCabe added a comment - - edited

          Patch 2 looks looks good to me with the revised message. +1.
          edit: pending test fix, of course

          Show
          cmccabe Colin P. McCabe added a comment - - edited Patch 2 looks looks good to me with the revised message. +1. edit: pending test fix, of course
          Hide
          hadoopqa Hadoop QA added a comment -



          -1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 5m 27s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          -1 tests included 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
          +1 javac 8m 5s There were no new javac warning messages.
          +1 release audit 0m 19s The applied patch does not increase the total number of release audit warnings.
          +1 whitespace 0m 0s The patch has no lines that end in whitespace.
          +1 install 1m 26s mvn install still works.
          +1 eclipse:eclipse 0m 31s The patch built with eclipse:eclipse.
          -1 common tests 22m 28s Tests failed in hadoop-common.
              38m 21s  



          Reason Tests
          Failed unit tests hadoop.net.unix.TestDomainSocket



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12751651/HADOOP-12344.patch
          Optional Tests javac unit
          git revision trunk / feaf034
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/testReport/
          Java 1.7.0_55
          uname Linux asf905.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 pre-patch 5m 27s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. -1 tests included 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 javac 8m 5s There were no new javac warning messages. +1 release audit 0m 19s The applied patch does not increase the total number of release audit warnings. +1 whitespace 0m 0s The patch has no lines that end in whitespace. +1 install 1m 26s mvn install still works. +1 eclipse:eclipse 0m 31s The patch built with eclipse:eclipse. -1 common tests 22m 28s Tests failed in hadoop-common.     38m 21s   Reason Tests Failed unit tests hadoop.net.unix.TestDomainSocket Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12751651/HADOOP-12344.patch Optional Tests javac unit git revision trunk / feaf034 hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/testReport/ Java 1.7.0_55 uname Linux asf905.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7518/console This message was automatically generated.
          Hide
          stevel@apache.org Steve Loughran added a comment -

          How about another wiki entry with a reference to it in the exception; that way we can have much more detail on the wiki about what to do, including examples of fixing the permissions or changing the path

          Show
          stevel@apache.org Steve Loughran added a comment - How about another wiki entry with a reference to it in the exception; that way we can have much more detail on the wiki about what to do, including examples of fixing the permissions or changing the path
          Hide
          qwertymaniac Harsh J added a comment -

          This would be very useful to add to make it easier to understand what path the error's talking of. I know its pre-existed, but I wonder what's the use of asking people to select a different path (bound to have the same problem somehow).

          Patch's changes look good, but I wonder if we should just drop that part of the message and instruct better on how to fix it?

          A message such as:

          java.io.IOException: the path component: '/' in '/var/run/hdfs-sockets/dn' is world-writable. Its permissions are 0077. Expected permission is XXX. Please fix this.
          

          (or similar) … would be more actionable, no?

          Show
          qwertymaniac Harsh J added a comment - This would be very useful to add to make it easier to understand what path the error's talking of. I know its pre-existed, but I wonder what's the use of asking people to select a different path (bound to have the same problem somehow). Patch's changes look good, but I wonder if we should just drop that part of the message and instruct better on how to fix it? A message such as: java.io.IOException: the path component: '/' in '/ var /run/hdfs-sockets/dn' is world-writable. Its permissions are 0077. Expected permission is XXX. Please fix this . (or similar) … would be more actionable, no?
          Hide
          caseyjbrotherton Casey Brotherton added a comment -

          First pass at the changes

          Show
          caseyjbrotherton Casey Brotherton added a comment - First pass at the changes

            People

            • Assignee:
              caseyjbrotherton Casey Brotherton
              Reporter:
              caseyjbrotherton Casey Brotherton
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development