In CDH6, when we bump jsvc from 1.0.10 to 1.1.0 we hit KerberosAuthException: failure to login / LoginException: Unable to obtain password from user due to
DAEMON-264 and our
dfs.nfs.keytab.file config uses a relative path. I will probably file another jira to issue a warning like hdfs.keytab not found before KerberosAuthException in this case.
The solution is to add -cwd $(pwd) in function hadoop_start_secure_daemon in hadoop-functions.sh but I will have to consider the compatibility with older jsvc versions <= 1.0.10. Will post the patch after I tested it.
Thanks Todd Lipcon for finding the root cause.