Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.8.0, 3.0.0-alpha2
    • Component/s: util
    • Labels:
      None

      Description

      Shell.java has a hardcoded path to /bin/ls which is not correct on all platforms, eg. not on NixOS.
      (see HADOOP-13457 for a similar issue)

      1. HADOOP-13797.patch
        0.8 kB
        Christine Koppelt

        Activity

        Hide
        stevel@apache.org Steve Loughran added a comment -

        Do we introduce any security risk by doing this? That a malicious version of ls has got onto the path?

        Given we did the change for bin/bash, I doubt there is any risk —just need to be thorough.

        Show
        stevel@apache.org Steve Loughran added a comment - Do we introduce any security risk by doing this? That a malicious version of ls has got onto the path? Given we did the change for bin/bash, I doubt there is any risk —just need to be thorough.
        Hide
        hadoopqa Hadoop QA added a comment -
        -1 overall



        Vote Subsystem Runtime Comment
        0 reexec 3m 53s Docker mode activated.
        +1 @author 0m 0s The patch does not contain any @author tags.
        -1 test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
        +1 mvninstall 7m 1s trunk passed
        +1 compile 10m 55s trunk passed
        +1 checkstyle 0m 33s trunk passed
        +1 mvnsite 1m 7s trunk passed
        +1 mvneclipse 0m 23s trunk passed
        +1 findbugs 1m 30s trunk passed
        +1 javadoc 0m 51s trunk passed
        +1 mvninstall 0m 36s the patch passed
        +1 compile 9m 31s the patch passed
        +1 javac 9m 31s the patch passed
        -0 checkstyle 0m 33s hadoop-common-project/hadoop-common: The patch generated 1 new + 35 unchanged - 1 fixed = 36 total (was 36)
        +1 mvnsite 1m 3s the patch passed
        +1 mvneclipse 0m 23s the patch passed
        +1 whitespace 0m 0s The patch has no whitespace issues.
        +1 findbugs 1m 37s the patch passed
        +1 javadoc 0m 52s the patch passed
        +1 unit 8m 0s hadoop-common in the patch passed.
        +1 asflicense 0m 40s The patch does not generate ASF License warnings.
        51m 39s



        Subsystem Report/Notes
        Docker Image:yetus/hadoop:e809691
        JIRA Issue HADOOP-13797
        JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12837653/HADOOP-13797.patch
        Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle
        uname Linux df1936234b2a 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
        Build tool maven
        Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh
        git revision trunk / ca33bdd
        Default Java 1.8.0_101
        findbugs v3.0.0
        checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-common.txt
        Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/testReport/
        modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common
        Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/console
        Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org

        This message was automatically generated.

        Show
        hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 reexec 3m 53s Docker mode activated. +1 @author 0m 0s The patch does not contain any @author tags. -1 test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 mvninstall 7m 1s trunk passed +1 compile 10m 55s trunk passed +1 checkstyle 0m 33s trunk passed +1 mvnsite 1m 7s trunk passed +1 mvneclipse 0m 23s trunk passed +1 findbugs 1m 30s trunk passed +1 javadoc 0m 51s trunk passed +1 mvninstall 0m 36s the patch passed +1 compile 9m 31s the patch passed +1 javac 9m 31s the patch passed -0 checkstyle 0m 33s hadoop-common-project/hadoop-common: The patch generated 1 new + 35 unchanged - 1 fixed = 36 total (was 36) +1 mvnsite 1m 3s the patch passed +1 mvneclipse 0m 23s the patch passed +1 whitespace 0m 0s The patch has no whitespace issues. +1 findbugs 1m 37s the patch passed +1 javadoc 0m 52s the patch passed +1 unit 8m 0s hadoop-common in the patch passed. +1 asflicense 0m 40s The patch does not generate ASF License warnings. 51m 39s Subsystem Report/Notes Docker Image:yetus/hadoop:e809691 JIRA Issue HADOOP-13797 JIRA Patch URL https://issues.apache.org/jira/secure/attachment/12837653/HADOOP-13797.patch Optional Tests asflicense compile javac javadoc mvninstall mvnsite unit findbugs checkstyle uname Linux df1936234b2a 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Build tool maven Personality /testptch/hadoop/patchprocess/precommit/personality/provided.sh git revision trunk / ca33bdd Default Java 1.8.0_101 findbugs v3.0.0 checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/artifact/patchprocess/diff-checkstyle-hadoop-common-project_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/testReport/ modules C: hadoop-common-project/hadoop-common U: hadoop-common-project/hadoop-common Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/11005/console Powered by Apache Yetus 0.4.0-SNAPSHOT http://yetus.apache.org This message was automatically generated.
        Hide
        stevel@apache.org Steve Loughran added a comment -

        LGTM; discussion in previous JIRAs imply there's no security issues here.

        +1

        Show
        stevel@apache.org Steve Loughran added a comment - LGTM; discussion in previous JIRAs imply there's no security issues here. +1
        Hide
        stevel@apache.org Steve Loughran added a comment -

        Committed to 2.8+. Thanks!

        Show
        stevel@apache.org Steve Loughran added a comment - Committed to 2.8+. Thanks!
        Hide
        hudson Hudson added a comment -

        SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10781 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10781/)
        HADOOP-13797 Remove hardcoded absolute path for ls. Contributed by (stevel: rev f76895573d0166b4b582ff69c3f9c159ab14661f)

        • (edit) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/Shell.java
        Show
        hudson Hudson added a comment - SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10781 (See https://builds.apache.org/job/Hadoop-trunk-Commit/10781/ ) HADOOP-13797 Remove hardcoded absolute path for ls. Contributed by (stevel: rev f76895573d0166b4b582ff69c3f9c159ab14661f) (edit) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/Shell.java

          People

          • Assignee:
            ckoppelt Christine Koppelt
            Reporter:
            ckoppelt Christine Koppelt
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development