Hadoop Common
  1. Hadoop Common
  2. HADOOP-6951

Distinct minicluster services (e.g. NN and JT) overwrite each other's service policies

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.22.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      Because the protocol -> ACL mapping in ServiceAuthorizationManager is static, services which are run in the same JVM have the potential to clobber the other's service authorization ACLs whenever ServiceAuthorizationManager.refresh() is called. This causes authorization failures if one tries to launch a 2NN connected to a minicluster with hadoop.security.authorization enabled. Seems like each service should have its own instance of a ServiceAuthorizationManager, instead of using static methods.

      1. hadoop-6951.2.txt
        6 kB
        Aaron T. Myers
      2. hadoop-6951.1.txt
        5 kB
        Aaron T. Myers
      3. hadoop-6951.txt.0
        5 kB
        Aaron T. Myers

        Issue Links

          Activity

          Aaron T. Myers created issue -
          Aaron T. Myers made changes -
          Field Original Value New Value
          Link This issue incorporates HDFS-1399 [ HDFS-1399 ]
          Aaron T. Myers made changes -
          Assignee Aaron T. Myers [ atm ]
          Aaron T. Myers made changes -
          Link This issue incorporates MAPREDUCE-2067 [ MAPREDUCE-2067 ]
          Aaron T. Myers made changes -
          Attachment hadoop-6951.txt.0 [ 12454618 ]
          Aaron T. Myers made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Fix Version/s 0.22.0 [ 12314296 ]
          Aaron T. Myers made changes -
          Attachment hadoop-6951.1.txt [ 12454699 ]
          Aaron T. Myers made changes -
          Attachment hadoop-6951.2.txt [ 12455210 ]
          Tom White made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Hadoop Flags [Reviewed]
          Resolution Fixed [ 1 ]
          Tom White made changes -
          Resolution Fixed [ 1 ]
          Status Resolved [ 5 ] Reopened [ 4 ]
          Tom White made changes -
          Status Reopened [ 4 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Konstantin Shvachko made changes -
          Status Resolved [ 5 ] Closed [ 6 ]

            People

            • Assignee:
              Aaron T. Myers
              Reporter:
              Aaron T. Myers
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development