Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Duplicate
-
3.0.0-beta1
-
None
-
None
-
user.name = "jenkins" java.version = "1.8.0_131" java.security.krb5.conf = "/testptch/hadoop/hadoop-common-project/hadoop-common/target/1499472499650/krb5.conf" kdc.resource.dir = "src/test/resources/kdc" hadoop.kerberos.kinit.command = "kinit" hadoop.security.authentication = "KERBEROS" hadoop.security.authorization = "false" hadoop.kerberos.min.seconds.before.relogin = "60" hadoop.security.dns.interface = "(unset)" hadoop.security.dns.nameserver = "(unset)" hadoop.rpc.protection = "authentication" hadoop.security.saslproperties.resolver.class = "(unset)" hadoop.security.crypto.codec.classes = "(unset)" hadoop.security.group.mapping = "org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback" hadoop.security.impersonation.provider.class = "(unset)" dfs.data.transfer.protection = "(unset)" dfs.data.transfer.saslproperties.resolver.class = "(unset)" 2017-07-08 00:08:20,381 WARN security.KDiag (KDiag.java:execute(365)) - The default cluster security is insecure
user.name = "jenkins" java.version = "1.8.0_131" java.security.krb5.conf = "/testptch/hadoop/hadoop-common-project/hadoop-common/target/1499472499650/krb5.conf" kdc.resource.dir = "src/test/resources/kdc" hadoop.kerberos.kinit.command = "kinit" hadoop.security.authentication = "KERBEROS" hadoop.security.authorization = " false " hadoop.kerberos.min.seconds.before.relogin = "60" hadoop.security.dns. interface = "(unset)" hadoop.security.dns.nameserver = "(unset)" hadoop.rpc.protection = "authentication" hadoop.security.saslproperties.resolver.class = "(unset)" hadoop.security.crypto.codec.classes = "(unset)" hadoop.security.group.mapping = "org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback" hadoop.security.impersonation.provider.class = "(unset)" dfs.data.transfer.protection = "(unset)" dfs.data.transfer.saslproperties.resolver.class = "(unset)" 2017-07-08 00:08:20,381 WARN security.KDiag (KDiag.java:execute(365)) - The default cluster security is insecure
Description
The test TestKDiag is failing intermittently on Yetus builds,
org.apache.hadoop.security.KerberosAuthException: Login failure for user: foo@EXAMPLE.COM from keytab /testptch/hadoop/hadoop-common-project/hadoop-common/target/keytab javax.security.auth.login.LoginException: Unable to obtain password from user
The tests that fail are all trying to log in using a keytab just created, the JVM isn't having any of it.
Possible causes? I can think of a few to start with
- keytab generation
- keytab path parameter wrong
- JVM isn't doing the login
- some race condition
- Host OS
- Other environment issues (clock, network...)
There's no recent changes in the kdiag or UGI code.
The failure is intermittent, not surfacing for me (others?) locally, which which could point at: JVM, host OS, race condition, other env issues.
Attachments
Attachments
Issue Links
- duplicates
-
HADOOP-14030 PreCommit TestKDiag failure
- Resolved