Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12617

SPNEGO authentication request to non-default realm gets default realm name inserted in target server principal

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.1
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: security
    • Labels:
      None
    • Environment:

      Java client talking to two secure clusters in different Kerberos realms,
      or talking to any secure cluster in non-default realm

    • Target Version/s:

      Description

      Note: This is NOT a vulnerability.

      In order for a single Java client to communicate with two different secure clusters in different realms (only one of which can be the "default_realm"), the client's krb5.conf file must specify both realms, and provide a [domain_realm] section that maps cluster servers' domains to the correct realms. With other appropriate behaviors (such as using the config from each cluster to talk to the respective clusters, and a user principal from each realm to talk to the respective realms), this is sufficient for most Hadoop ecosystem clients.

      But our SPNEGO using clients, such as Oozie, have a bug when it comes to talking to a non-default realm. The default realm name gets incorrectly inserted into the construction of the target server principal for the non-default-realm cluster. Details and proposed solution are given in the first comments below.

      1. HADOOP-12617.003.patch
        9 kB
        Matt Foley
      2. HADOOP-12617.005.patch
        8 kB
        Matt Foley
      3. HADOOP-12617.006.patch
        8 kB
        Matt Foley
      4. HADOOP-12617.007.patch
        9 kB
        Matt Foley
      5. HADOOP-12617.008.patch
        9 kB
        Matt Foley
      6. HADOOP-12617-branch-2.7.001.patch
        8 kB
        Matt Foley
      7. HADOOP-12617-branch-2.7.003.patch
        8 kB
        Matt Foley

        Activity

        Hide
        mattf Matt Foley added a comment -

        Teradata engineering team provided debugger information leading to the following analysis:

        A Java client desiring to initiate communication via HTTP/SPNEGO does the following: In the context of a UGI.doAs(), it calls org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(), which in turn calls doSpnegoSequence().

        Inside doSpnegoSequence(), is this code at https://github.com/apache/hadoop/blob/branch-2.7.2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java#L287-L298 :

        Subject.doAs(subject, new PrivilegedExceptionAction() {
            public Void run() throws Exception {
                GSSContext gssContext = null;
        
                try {
                    GSSManager gssManager = GSSManager.getInstance();
                    String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP", KerberosAuthenticator.this.url.getHost());                  
                    Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL"); 
                    GSSName serviceName = gssManager.createName(servicePrincipal, oid);
        

        Subject is set with the correct user principal and target server name and realm. After executing the line:

        String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP", KerberosAuthenticator.this.url.getHost());
         

        The ServicePrincipal is returned as: "HTTP/hostname" (with an actual value for "hostname"), but no realm.
        Then, when it gets the serviceName

        GSSName serviceName = gssManager.createName(servicePrincipal, oid);
        

        The resulting data structure includes a subfield Krb5PrincipalName with value "HTTP/hostname@DEFAULTREALM", where "hostname" and "DEFAULTREALM" are of course substituted with real values. The default realm should not be here. It is required that the correct non-default realm should be derived from the domain of "hostname".

        However, the second component of a principal is, strictly speaking, the "instance", not the "server". Thus, the Kerb libraries are not inferring the realm from the domain portion of the server name, because the formal semantics don't actually match; and of course there is nowhere else the realm could be correctly inferred from. KerberosUtil.getServicePrincipal() has to return a full principal with correct realm, rather than the short principal with inferred default realm.

        Show
        mattf Matt Foley added a comment - Teradata engineering team provided debugger information leading to the following analysis: A Java client desiring to initiate communication via HTTP/SPNEGO does the following: In the context of a UGI.doAs(), it calls org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(), which in turn calls doSpnegoSequence(). Inside doSpnegoSequence(), is this code at https://github.com/apache/hadoop/blob/branch-2.7.2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java#L287-L298 : Subject.doAs(subject, new PrivilegedExceptionAction() { public Void run() throws Exception { GSSContext gssContext = null ; try { GSSManager gssManager = GSSManager.getInstance(); String servicePrincipal = KerberosUtil.getServicePrincipal( "HTTP" , KerberosAuthenticator. this .url.getHost()); Oid oid = KerberosUtil.getOidInstance( "NT_GSS_KRB5_PRINCIPAL" ); GSSName serviceName = gssManager.createName(servicePrincipal, oid); Subject is set with the correct user principal and target server name and realm. After executing the line: String servicePrincipal = KerberosUtil.getServicePrincipal( "HTTP" , KerberosAuthenticator. this .url.getHost()); The ServicePrincipal is returned as: "HTTP/hostname" (with an actual value for "hostname"), but no realm. Then, when it gets the serviceName GSSName serviceName = gssManager.createName(servicePrincipal, oid); The resulting data structure includes a subfield Krb5PrincipalName with value "HTTP/hostname@DEFAULTREALM", where "hostname" and "DEFAULTREALM" are of course substituted with real values. The default realm should not be here. It is required that the correct non-default realm should be derived from the domain of "hostname". However, the second component of a principal is, strictly speaking, the "instance", not the "server". Thus, the Kerb libraries are not inferring the realm from the domain portion of the server name, because the formal semantics don't actually match; and of course there is nowhere else the realm could be correctly inferred from. KerberosUtil.getServicePrincipal() has to return a full principal with correct realm, rather than the short principal with inferred default realm.
        Hide
        mattf Matt Foley added a comment -

        The proposed patch provides the required functionality with no changes to API signatures or exceptions, and following the model of other code in KerberosUtils.java.

        Furthermore, I grepped all java files in a broad set of Hadoop ecosystem components:

        • accumulo, atlas, calcite, datafu, falcon, flume, hadoop, hbase, hive, hue, kafka, knox, mahout, oozie, phoenix, pig, ranger, slider, spark, sqoop, storm, tez, zookeeper

        and found that no code calls KerberosUtils.getServicePrincipal() directly except that in the Hadoop auth package. Both instances there use the result ONLY as an argument for an immediate call to gssManager.createName(), which accepts the fully qualified principal and does the right thing with it. So I believe this patch is safe.

        Show
        mattf Matt Foley added a comment - The proposed patch provides the required functionality with no changes to API signatures or exceptions, and following the model of other code in KerberosUtils.java. Furthermore, I grepped all java files in a broad set of Hadoop ecosystem components: accumulo, atlas, calcite, datafu, falcon, flume, hadoop, hbase, hive, hue, kafka, knox, mahout, oozie, phoenix, pig, ranger, slider, spark, sqoop, storm, tez, zookeeper and found that no code calls KerberosUtils.getServicePrincipal() directly except that in the Hadoop auth package. Both instances there use the result ONLY as an argument for an immediate call to gssManager.createName(), which accepts the fully qualified principal and does the right thing with it. So I believe this patch is safe.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        -1 patch 0m 4s HADOOP-12617 does not apply to trunk. Rebase required? Wrong Branch? See https://wiki.apache.org/hadoop/HowToContribute for help.



        Subsystem Report/Notes
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776012/HADOOP-12617.001.patch
        JIRA Issue HADOOP-12617
        Powered by Apache Yetus 0.1.0-SNAPSHOT http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8189/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment -1 patch 0m 4s HADOOP-12617 does not apply to trunk. Rebase required? Wrong Branch? See https://wiki.apache.org/hadoop/HowToContribute for help. Subsystem Report/Notes JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776012/HADOOP-12617.001.patch JIRA Issue HADOOP-12617 Powered by Apache Yetus 0.1.0-SNAPSHOT http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8189/console This message was automatically generated.
        Hide
        stevel@apache.org Steve Loughran added a comment -

        is there any risk those log@ error messages are going to recur on every IPC call, so overloading logs?

        Show
        stevel@apache.org Steve Loughran added a comment - is there any risk those log@ error messages are going to recur on every IPC call, so overloading logs?
        Hide
        mattf Matt Foley added a comment - - edited

        Steve Loughran, not in a properly configured system. There is some evidence that if run on a system with Kerberos configured on but default realm not defined (either via System Property "java.security.krb5.realm" or krb5.conf parameter "default_realm"), that getDefaultRealm() or getDomainRealm() may throw an exception. But that's a fairly gross misconfiguration.

        Also, I put a call to both getDefaultRealm() and getDomainRealm() in the revised unit test, and they did not throw an exception on the Jenkins test host, which may or may not be well configured.

        Do you think the error should be suppressed without logging? I had wondered why there was no logging in the KerberosUtils class.

        Also, does anyone listening have access to the documentation for IBM Java package "com.ibm.security.krb5"? getDomainRealm() follows the model of getDefaultRealm(), but I was unable to confirm that com.ibm.security.krb5.internal.PrincipalName exists and respects the semantics of principal string type "KRB_NT_SRV_HST". Thanks.

        Show
        mattf Matt Foley added a comment - - edited Steve Loughran , not in a properly configured system. There is some evidence that if run on a system with Kerberos configured on but default realm not defined (either via System Property "java.security.krb5.realm" or krb5.conf parameter "default_realm"), that getDefaultRealm() or getDomainRealm() may throw an exception. But that's a fairly gross misconfiguration. Also, I put a call to both getDefaultRealm() and getDomainRealm() in the revised unit test, and they did not throw an exception on the Jenkins test host, which may or may not be well configured. Do you think the error should be suppressed without logging? I had wondered why there was no logging in the KerberosUtils class. Also, does anyone listening have access to the documentation for IBM Java package "com.ibm.security.krb5"? getDomainRealm() follows the model of getDefaultRealm(), but I was unable to confirm that com.ibm.security.krb5.internal.PrincipalName exists and respects the semantics of principal string type "KRB_NT_SRV_HST". Thanks.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 59s trunk passed
        +1 compile 8m 57s trunk passed with JDK v1.8.0_66
        +1 compile 9m 28s trunk passed with JDK v1.7.0_85
        +1 checkstyle 0m 9s trunk passed
        +1 mvnsite 0m 21s trunk passed
        +1 mvneclipse 0m 13s trunk passed
        +1 findbugs 0m 28s trunk passed
        +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85
        -1 mvninstall 0m 15s hadoop-auth in the patch failed.
        -1 compile 0m 21s root in the patch failed with JDK v1.8.0_66.
        -1 javac 0m 21s root in the patch failed with JDK v1.8.0_66.
        -1 compile 0m 24s root in the patch failed with JDK v1.7.0_85.
        -1 javac 0m 24s root in the patch failed with JDK v1.7.0_85.
        -1 checkstyle 0m 9s Patch generated 4 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 19).
        -1 mvnsite 0m 16s hadoop-auth in the patch failed.
        +1 mvneclipse 0m 13s the patch passed
        -1 whitespace 0m 0s The patch has 14 line(s) that end in whitespace. Use git apply --whitespace=fix.
        -1 findbugs 0m 13s hadoop-auth in the patch failed.
        +1 javadoc 0m 13s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85
        -1 unit 0m 13s hadoop-auth in the patch failed with JDK v1.8.0_66.
        -1 unit 0m 15s hadoop-auth in the patch failed with JDK v1.7.0_85.
        +1 asflicense 0m 22s Patch does not generate ASF License warnings.
        32m 9s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776136/HADOOP-12617.002.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux 05e7fb9513d8 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / 01a641b
        findbugs v3.0.0
        mvninstall https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-mvninstall-hadoop-common-project_hadoop-auth.txt
        compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt
        javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt
        compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt
        javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt
        checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt
        mvnsite https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-mvnsite-hadoop-common-project_hadoop-auth.txt
        whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/whitespace-eol.txt
        findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-findbugs-hadoop-common-project_hadoop-auth.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt
        JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/testReport/
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 75MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 59s trunk passed +1 compile 8m 57s trunk passed with JDK v1.8.0_66 +1 compile 9m 28s trunk passed with JDK v1.7.0_85 +1 checkstyle 0m 9s trunk passed +1 mvnsite 0m 21s trunk passed +1 mvneclipse 0m 13s trunk passed +1 findbugs 0m 28s trunk passed +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85 -1 mvninstall 0m 15s hadoop-auth in the patch failed. -1 compile 0m 21s root in the patch failed with JDK v1.8.0_66. -1 javac 0m 21s root in the patch failed with JDK v1.8.0_66. -1 compile 0m 24s root in the patch failed with JDK v1.7.0_85. -1 javac 0m 24s root in the patch failed with JDK v1.7.0_85. -1 checkstyle 0m 9s Patch generated 4 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 19). -1 mvnsite 0m 16s hadoop-auth in the patch failed. +1 mvneclipse 0m 13s the patch passed -1 whitespace 0m 0s The patch has 14 line(s) that end in whitespace. Use git apply --whitespace=fix. -1 findbugs 0m 13s hadoop-auth in the patch failed. +1 javadoc 0m 13s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85 -1 unit 0m 13s hadoop-auth in the patch failed with JDK v1.8.0_66. -1 unit 0m 15s hadoop-auth in the patch failed with JDK v1.7.0_85. +1 asflicense 0m 22s Patch does not generate ASF License warnings. 32m 9s Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776136/HADOOP-12617.002.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 05e7fb9513d8 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / 01a641b findbugs v3.0.0 mvninstall https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-mvninstall-hadoop-common-project_hadoop-auth.txt compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt mvnsite https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-mvnsite-hadoop-common-project_hadoop-auth.txt whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/whitespace-eol.txt findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-findbugs-hadoop-common-project_hadoop-auth.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/testReport/ modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 75MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8195/console This message was automatically generated.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 42s trunk passed
        +1 compile 8m 15s trunk passed with JDK v1.8.0_66
        +1 compile 8m 41s trunk passed with JDK v1.7.0_85
        +1 checkstyle 0m 8s trunk passed
        +1 mvnsite 0m 21s trunk passed
        +1 mvneclipse 0m 13s trunk passed
        +1 findbugs 0m 26s trunk passed
        +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 13s trunk passed with JDK v1.7.0_85
        +1 mvninstall 0m 17s the patch passed
        +1 compile 7m 43s the patch passed with JDK v1.8.0_66
        +1 javac 7m 43s the patch passed
        +1 compile 8m 38s the patch passed with JDK v1.7.0_85
        +1 javac 8m 38s the patch passed
        -1 checkstyle 0m 7s Patch generated 1 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 16).
        +1 mvnsite 0m 19s the patch passed
        +1 mvneclipse 0m 13s the patch passed
        +1 whitespace 0m 0s Patch has no whitespace issues.
        +1 findbugs 0m 34s the patch passed
        +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85
        -1 unit 3m 40s hadoop-auth in the patch failed with JDK v1.8.0_66.
        -1 unit 3m 59s hadoop-auth in the patch failed with JDK v1.7.0_85.
        +1 asflicense 0m 23s Patch does not generate ASF License warnings.
        53m 50s



        Reason Tests
        JDK v1.8.0_66 Failed junit tests hadoop.security.authentication.util.TestKerberosUtil
        JDK v1.7.0_85 Failed junit tests hadoop.security.authentication.util.TestKerberosUtil



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776163/HADOOP-12617.003.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux ba16fe4e49af 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / 01a641b
        findbugs v3.0.0
        checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt
        unit test logs https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt
        JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/testReport/
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 75MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 42s trunk passed +1 compile 8m 15s trunk passed with JDK v1.8.0_66 +1 compile 8m 41s trunk passed with JDK v1.7.0_85 +1 checkstyle 0m 8s trunk passed +1 mvnsite 0m 21s trunk passed +1 mvneclipse 0m 13s trunk passed +1 findbugs 0m 26s trunk passed +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 13s trunk passed with JDK v1.7.0_85 +1 mvninstall 0m 17s the patch passed +1 compile 7m 43s the patch passed with JDK v1.8.0_66 +1 javac 7m 43s the patch passed +1 compile 8m 38s the patch passed with JDK v1.7.0_85 +1 javac 8m 38s the patch passed -1 checkstyle 0m 7s Patch generated 1 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 16). +1 mvnsite 0m 19s the patch passed +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s Patch has no whitespace issues. +1 findbugs 0m 34s the patch passed +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85 -1 unit 3m 40s hadoop-auth in the patch failed with JDK v1.8.0_66. -1 unit 3m 59s hadoop-auth in the patch failed with JDK v1.7.0_85. +1 asflicense 0m 23s Patch does not generate ASF License warnings. 53m 50s Reason Tests JDK v1.8.0_66 Failed junit tests hadoop.security.authentication.util.TestKerberosUtil JDK v1.7.0_85 Failed junit tests hadoop.security.authentication.util.TestKerberosUtil Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776163/HADOOP-12617.003.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux ba16fe4e49af 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / 01a641b findbugs v3.0.0 checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt unit test logs https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/testReport/ modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 75MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8196/console This message was automatically generated.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 22s trunk passed
        +1 compile 7m 29s trunk passed with JDK v1.8.0_66
        +1 compile 8m 25s trunk passed with JDK v1.7.0_85
        +1 checkstyle 0m 8s trunk passed
        +1 mvnsite 0m 20s trunk passed
        +1 mvneclipse 0m 13s trunk passed
        +1 findbugs 0m 26s trunk passed
        +1 javadoc 0m 12s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85
        -1 mvninstall 0m 12s hadoop-auth in the patch failed.
        -1 compile 0m 17s root in the patch failed with JDK v1.8.0_66.
        -1 javac 0m 17s root in the patch failed with JDK v1.8.0_66.
        -1 compile 0m 21s root in the patch failed with JDK v1.7.0_85.
        -1 javac 0m 21s root in the patch failed with JDK v1.7.0_85.
        -1 checkstyle 0m 7s Patch generated 3 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 18).
        -1 mvnsite 0m 14s hadoop-auth in the patch failed.
        +1 mvneclipse 0m 13s the patch passed
        +1 whitespace 0m 0s Patch has no whitespace issues.
        -1 findbugs 0m 12s hadoop-auth in the patch failed.
        +1 javadoc 0m 11s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85
        -1 unit 0m 11s hadoop-auth in the patch failed with JDK v1.8.0_66.
        -1 unit 0m 13s hadoop-auth in the patch failed with JDK v1.7.0_85.
        -1 asflicense 0m 18s Patch generated 3 ASF License warnings.
        28m 30s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776228/HADOOP-12617.004.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux 6529e0482bdc 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / fc47084
        findbugs v3.0.0
        mvninstall https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-mvninstall-hadoop-common-project_hadoop-auth.txt
        compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt
        javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt
        compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt
        javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt
        checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt
        mvnsite https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-mvnsite-hadoop-common-project_hadoop-auth.txt
        findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-findbugs-hadoop-common-project_hadoop-auth.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt
        unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt
        JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/testReport/
        asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-asflicense-problems.txt
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 75MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 22s trunk passed +1 compile 7m 29s trunk passed with JDK v1.8.0_66 +1 compile 8m 25s trunk passed with JDK v1.7.0_85 +1 checkstyle 0m 8s trunk passed +1 mvnsite 0m 20s trunk passed +1 mvneclipse 0m 13s trunk passed +1 findbugs 0m 26s trunk passed +1 javadoc 0m 12s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85 -1 mvninstall 0m 12s hadoop-auth in the patch failed. -1 compile 0m 17s root in the patch failed with JDK v1.8.0_66. -1 javac 0m 17s root in the patch failed with JDK v1.8.0_66. -1 compile 0m 21s root in the patch failed with JDK v1.7.0_85. -1 javac 0m 21s root in the patch failed with JDK v1.7.0_85. -1 checkstyle 0m 7s Patch generated 3 new checkstyle issues in hadoop-common-project/hadoop-auth (total was 15, now 18). -1 mvnsite 0m 14s hadoop-auth in the patch failed. +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s Patch has no whitespace issues. -1 findbugs 0m 12s hadoop-auth in the patch failed. +1 javadoc 0m 11s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85 -1 unit 0m 11s hadoop-auth in the patch failed with JDK v1.8.0_66. -1 unit 0m 13s hadoop-auth in the patch failed with JDK v1.7.0_85. -1 asflicense 0m 18s Patch generated 3 ASF License warnings. 28m 30s Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776228/HADOOP-12617.004.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 6529e0482bdc 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / fc47084 findbugs v3.0.0 mvninstall https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-mvninstall-hadoop-common-project_hadoop-auth.txt compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.8.0_66.txt compile https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt javac https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-compile-root-jdk1.7.0_85.txt checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-auth.txt mvnsite https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-mvnsite-hadoop-common-project_hadoop-auth.txt findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-findbugs-hadoop-common-project_hadoop-auth.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.8.0_66.txt unit https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-unit-hadoop-common-project_hadoop-auth-jdk1.7.0_85.txt JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/testReport/ asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/artifact/patchprocess/patch-asflicense-problems.txt modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 75MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8200/console This message was automatically generated.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 57s trunk passed
        +1 compile 9m 6s trunk passed with JDK v1.8.0_66
        +1 compile 9m 27s trunk passed with JDK v1.7.0_85
        +1 checkstyle 0m 9s trunk passed
        +1 mvnsite 0m 20s trunk passed
        +1 mvneclipse 0m 14s trunk passed
        +1 findbugs 0m 27s trunk passed
        +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85
        +1 mvninstall 0m 19s the patch passed
        +1 compile 9m 0s the patch passed with JDK v1.8.0_66
        +1 javac 9m 0s the patch passed
        +1 compile 9m 25s the patch passed with JDK v1.7.0_85
        +1 javac 9m 25s the patch passed
        +1 checkstyle 0m 8s the patch passed
        +1 mvnsite 0m 21s the patch passed
        +1 mvneclipse 0m 13s the patch passed
        +1 whitespace 0m 0s Patch has no whitespace issues.
        -1 findbugs 0m 37s hadoop-common-project/hadoop-auth introduced 1 new FindBugs issues.
        +1 javadoc 0m 13s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85
        +1 unit 3m 41s hadoop-auth in the patch passed with JDK v1.8.0_66.
        +1 unit 4m 2s hadoop-auth in the patch passed with JDK v1.7.0_85.
        -1 asflicense 0m 19s Patch generated 3 ASF License warnings.
        57m 41s



        Reason Tests
        FindBugs module:hadoop-common-project/hadoop-auth
          Exception is caught when Exception is not thrown in org.apache.hadoop.security.authentication.util.KerberosUtil.getDomainRealm(String) At KerberosUtil.java:is not thrown in org.apache.hadoop.security.authentication.util.KerberosUtil.getDomainRealm(String) At KerberosUtil.java:[line 129]



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776242/HADOOP-12617.005.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux 4294f42c20e0 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / fc47084
        findbugs v3.0.0
        findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/artifact/patchprocess/new-findbugs-hadoop-common-project_hadoop-auth.html
        JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/testReport/
        asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/artifact/patchprocess/patch-asflicense-problems.txt
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 76MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 57s trunk passed +1 compile 9m 6s trunk passed with JDK v1.8.0_66 +1 compile 9m 27s trunk passed with JDK v1.7.0_85 +1 checkstyle 0m 9s trunk passed +1 mvnsite 0m 20s trunk passed +1 mvneclipse 0m 14s trunk passed +1 findbugs 0m 27s trunk passed +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85 +1 mvninstall 0m 19s the patch passed +1 compile 9m 0s the patch passed with JDK v1.8.0_66 +1 javac 9m 0s the patch passed +1 compile 9m 25s the patch passed with JDK v1.7.0_85 +1 javac 9m 25s the patch passed +1 checkstyle 0m 8s the patch passed +1 mvnsite 0m 21s the patch passed +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s Patch has no whitespace issues. -1 findbugs 0m 37s hadoop-common-project/hadoop-auth introduced 1 new FindBugs issues. +1 javadoc 0m 13s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85 +1 unit 3m 41s hadoop-auth in the patch passed with JDK v1.8.0_66. +1 unit 4m 2s hadoop-auth in the patch passed with JDK v1.7.0_85. -1 asflicense 0m 19s Patch generated 3 ASF License warnings. 57m 41s Reason Tests FindBugs module:hadoop-common-project/hadoop-auth   Exception is caught when Exception is not thrown in org.apache.hadoop.security.authentication.util.KerberosUtil.getDomainRealm(String) At KerberosUtil.java:is not thrown in org.apache.hadoop.security.authentication.util.KerberosUtil.getDomainRealm(String) At KerberosUtil.java: [line 129] Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776242/HADOOP-12617.005.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 4294f42c20e0 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / fc47084 findbugs v3.0.0 findbugs https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/artifact/patchprocess/new-findbugs-hadoop-common-project_hadoop-auth.html JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/testReport/ asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/artifact/patchprocess/patch-asflicense-problems.txt modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 76MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8201/console This message was automatically generated.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 1s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 53s trunk passed
        +1 compile 8m 57s trunk passed with JDK v1.8.0_66
        +1 compile 9m 32s trunk passed with JDK v1.7.0_85
        +1 checkstyle 0m 8s trunk passed
        +1 mvnsite 0m 23s trunk passed
        +1 mvneclipse 0m 13s trunk passed
        +1 findbugs 0m 28s trunk passed
        +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85
        +1 mvninstall 0m 18s the patch passed
        +1 compile 8m 53s the patch passed with JDK v1.8.0_66
        +1 javac 8m 53s the patch passed
        +1 compile 9m 16s the patch passed with JDK v1.7.0_85
        +1 javac 9m 16s the patch passed
        +1 checkstyle 0m 9s the patch passed
        +1 mvnsite 0m 21s the patch passed
        +1 mvneclipse 0m 13s the patch passed
        +1 whitespace 0m 0s Patch has no whitespace issues.
        +1 findbugs 0m 35s the patch passed
        +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85
        +1 unit 3m 41s hadoop-auth in the patch passed with JDK v1.8.0_66.
        +1 unit 4m 3s hadoop-auth in the patch passed with JDK v1.7.0_85.
        -1 asflicense 0m 20s Patch generated 3 ASF License warnings.
        57m 20s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776272/HADOOP-12617.006.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux 8ba1962ca70c 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / fc47084
        findbugs v3.0.0
        JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/testReport/
        asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/artifact/patchprocess/patch-asflicense-problems.txt
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 76MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 1s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 53s trunk passed +1 compile 8m 57s trunk passed with JDK v1.8.0_66 +1 compile 9m 32s trunk passed with JDK v1.7.0_85 +1 checkstyle 0m 8s trunk passed +1 mvnsite 0m 23s trunk passed +1 mvneclipse 0m 13s trunk passed +1 findbugs 0m 28s trunk passed +1 javadoc 0m 13s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 14s trunk passed with JDK v1.7.0_85 +1 mvninstall 0m 18s the patch passed +1 compile 8m 53s the patch passed with JDK v1.8.0_66 +1 javac 8m 53s the patch passed +1 compile 9m 16s the patch passed with JDK v1.7.0_85 +1 javac 9m 16s the patch passed +1 checkstyle 0m 9s the patch passed +1 mvnsite 0m 21s the patch passed +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s Patch has no whitespace issues. +1 findbugs 0m 35s the patch passed +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_85 +1 unit 3m 41s hadoop-auth in the patch passed with JDK v1.8.0_66. +1 unit 4m 3s hadoop-auth in the patch passed with JDK v1.7.0_85. -1 asflicense 0m 20s Patch generated 3 ASF License warnings. 57m 20s Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776272/HADOOP-12617.006.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 8ba1962ca70c 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / fc47084 findbugs v3.0.0 JDK v1.7.0_85 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/testReport/ asflicense https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/artifact/patchprocess/patch-asflicense-problems.txt modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 76MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8203/console This message was automatically generated.
        Hide
        vinayrpet Vinayakumar B added a comment -

        Thanks Matt Foley for the patch.

        It looks great. Surendra Singh Lilhore was able to verify in our cluster with the patch with Oracle Java. It works great.

        I just have one nit.

        System.getProperty("java.vendor").contains("IBM")

        You can use PlatformName.IBM_JAVA instead. Its already used in KerberosUtil.

        +1 once addressed.

        Show
        vinayrpet Vinayakumar B added a comment - Thanks Matt Foley for the patch. It looks great. Surendra Singh Lilhore was able to verify in our cluster with the patch with Oracle Java. It works great. I just have one nit. System .getProperty( "java.vendor" ).contains( "IBM" ) You can use PlatformName.IBM_JAVA instead. Its already used in KerberosUtil. +1 once addressed.
        Hide
        mattf Matt Foley added a comment -

        Vinayakumar B, thanks for the review. Agree re IBM_JAVA, have changed it. Rather than mix usages, I also corrected two existing instances of 'System.getProperty("java.vendor").contains("IBM")', so now KerberosUtil.java uses solely the 'IBM_JAVA' usage. I only did this in the trunk patch, not for maintenance branches, since it is a cleanup not a bug fix.

        Will run it thru the Hadoop QA robot once more, then I will commit it per your +1.

        Show
        mattf Matt Foley added a comment - Vinayakumar B , thanks for the review. Agree re IBM_JAVA, have changed it. Rather than mix usages, I also corrected two existing instances of 'System.getProperty("java.vendor").contains("IBM")', so now KerberosUtil.java uses solely the 'IBM_JAVA' usage. I only did this in the trunk patch, not for maintenance branches, since it is a cleanup not a bug fix. Will run it thru the Hadoop QA robot once more, then I will commit it per your +1.
        Hide
        hadoopqa Hadoop QA added a comment -
        +1 overall



        Vote Subsystem Runtime Comment
        0 reexec 0m 0s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        +1 test4tests 0m 0s The patch appears to include 1 new or modified test files.
        +1 mvninstall 7m 35s trunk passed
        +1 compile 8m 3s trunk passed with JDK v1.8.0_66
        +1 compile 8m 33s trunk passed with JDK v1.7.0_91
        +1 checkstyle 0m 8s trunk passed
        +1 mvnsite 0m 20s trunk passed
        +1 mvneclipse 0m 13s trunk passed
        +1 findbugs 0m 28s trunk passed
        +1 javadoc 0m 11s trunk passed with JDK v1.8.0_66
        +1 javadoc 0m 14s trunk passed with JDK v1.7.0_91
        +1 mvninstall 0m 18s the patch passed
        +1 compile 7m 44s the patch passed with JDK v1.8.0_66
        +1 javac 7m 44s the patch passed
        +1 compile 8m 39s the patch passed with JDK v1.7.0_91
        +1 javac 8m 39s the patch passed
        +1 checkstyle 0m 8s the patch passed
        +1 mvnsite 0m 21s the patch passed
        +1 mvneclipse 0m 13s the patch passed
        +1 whitespace 0m 0s Patch has no whitespace issues.
        +1 findbugs 0m 34s the patch passed
        +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66
        +1 javadoc 0m 14s the patch passed with JDK v1.7.0_91
        +1 unit 12m 53s hadoop-auth in the patch passed with JDK v1.8.0_66.
        +1 unit 13m 2s hadoop-auth in the patch passed with JDK v1.7.0_91.
        +1 asflicense 0m 21s Patch does not generate ASF License warnings.
        71m 33s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:0ca8df7
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776399/HADOOP-12617.007.patch
        JIRA Issue HADOOP-12617
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux 82bedf2d237d 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / c4084d9
        findbugs v3.0.0
        JDK v1.7.0_91 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8208/testReport/
        modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth
        Max memory used 75MB
        Powered by Apache Yetus http://yetus.apache.org
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8208/console

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 reexec 0m 0s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. +1 test4tests 0m 0s The patch appears to include 1 new or modified test files. +1 mvninstall 7m 35s trunk passed +1 compile 8m 3s trunk passed with JDK v1.8.0_66 +1 compile 8m 33s trunk passed with JDK v1.7.0_91 +1 checkstyle 0m 8s trunk passed +1 mvnsite 0m 20s trunk passed +1 mvneclipse 0m 13s trunk passed +1 findbugs 0m 28s trunk passed +1 javadoc 0m 11s trunk passed with JDK v1.8.0_66 +1 javadoc 0m 14s trunk passed with JDK v1.7.0_91 +1 mvninstall 0m 18s the patch passed +1 compile 7m 44s the patch passed with JDK v1.8.0_66 +1 javac 7m 44s the patch passed +1 compile 8m 39s the patch passed with JDK v1.7.0_91 +1 javac 8m 39s the patch passed +1 checkstyle 0m 8s the patch passed +1 mvnsite 0m 21s the patch passed +1 mvneclipse 0m 13s the patch passed +1 whitespace 0m 0s Patch has no whitespace issues. +1 findbugs 0m 34s the patch passed +1 javadoc 0m 12s the patch passed with JDK v1.8.0_66 +1 javadoc 0m 14s the patch passed with JDK v1.7.0_91 +1 unit 12m 53s hadoop-auth in the patch passed with JDK v1.8.0_66. +1 unit 13m 2s hadoop-auth in the patch passed with JDK v1.7.0_91. +1 asflicense 0m 21s Patch does not generate ASF License warnings. 71m 33s Subsystem Report/Notes Docker Image:yetus/hadoop:0ca8df7 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12776399/HADOOP-12617.007.patch JIRA Issue HADOOP-12617 Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux 82bedf2d237d 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / c4084d9 findbugs v3.0.0 JDK v1.7.0_91 Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/8208/testReport/ modules C: hadoop-common-project/hadoop-auth U: hadoop-common-project/hadoop-auth Max memory used 75MB Powered by Apache Yetus http://yetus.apache.org Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/8208/console This message was automatically generated.
        Hide
        mattf Matt Foley added a comment -

        Happily, the spurious asflicense check went away. Also, I ran an IBM Java SDK (version 8.0) on a Linux CentOS 6 VM, and established that the correct fully qualified class name for PrincipalName is "com.ibm.security.krb5.PrincipalName", not "com.ibm.security.krb5.internal.PrincipalName". With the corrected path, it works as expected. So I'm uploading one more version of the patchfile, HADOOP-12617.008.patch, with that correction, but there's no need to run the robot again.

        Committing underway.

        Show
        mattf Matt Foley added a comment - Happily, the spurious asflicense check went away. Also, I ran an IBM Java SDK (version 8.0) on a Linux CentOS 6 VM, and established that the correct fully qualified class name for PrincipalName is "com.ibm.security.krb5.PrincipalName", not "com.ibm.security.krb5.internal.PrincipalName". With the corrected path, it works as expected. So I'm uploading one more version of the patchfile, HADOOP-12617 .008.patch, with that correction, but there's no need to run the robot again. Committing underway.
        Hide
        mattf Matt Foley added a comment -

        Committed to trunk as ada9c2c410c15e95,
        branch-2 as 472541291bf868c,
        branch-2.8 as 05a7fb3a9a02326cb46.

        Should therefore be expected in 2.8.0 and all later releases.

        Show
        mattf Matt Foley added a comment - Committed to trunk as ada9c2c410c15e95, branch-2 as 472541291bf868c, branch-2.8 as 05a7fb3a9a02326cb46. Should therefore be expected in 2.8.0 and all later releases.
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-trunk-Commit #8944 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8944/)
        HADOOP-12617. SPNEGO authentication request to non-default realm gets (mattf: rev ada9c2c410c15e95d0a21ea2941986195606aad8)

        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #8944 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8944/ ) HADOOP-12617 . SPNEGO authentication request to non-default realm gets (mattf: rev ada9c2c410c15e95d0a21ea2941986195606aad8) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #678 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/678/)
        HADOOP-12617. SPNEGO authentication request to non-default realm gets (mattf: rev ada9c2c410c15e95d0a21ea2941986195606aad8)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java
        • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #678 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/678/ ) HADOOP-12617 . SPNEGO authentication request to non-default realm gets (mattf: rev ada9c2c410c15e95d0a21ea2941986195606aad8) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestKerberosUtil.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java

          People

          • Assignee:
            mattf Matt Foley
            Reporter:
            mattf Matt Foley
          • Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development