Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-7229

Absolute path to kinit in auto-renewal thread

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.21.0, 0.22.0, 0.23.0
    • Fix Version/s: 0.22.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Incompatible change, Reviewed
    • Release Note:
      Hide
      When Hadoop's Kerberos integration is enabled, it is now required that either {{kinit}} be on the path for user accounts running the Hadoop client, or that the {{hadoop.kerberos.kinit.command}} configuration option be manually set to the absolute path to {{kinit}}.
      Show
      When Hadoop's Kerberos integration is enabled, it is now required that either {{kinit}} be on the path for user accounts running the Hadoop client, or that the {{hadoop.kerberos.kinit.command}} configuration option be manually set to the absolute path to {{kinit}}.

      Description

      In the auto-renewal thread for Kerberos credentials in UserGroupInformation, the path to kinit is defaulted to /usr/kerberos/bin/kinit. This is the default path to kinit on RHEL/CentOS for MIT krb5, but not on Debian/Ubuntu (and perhaps others OSes.)

        Attachments

        1. hadoop-7229.2.patch
          1 kB
          Aaron T. Myers
        2. hadoop-7229.1.patch
          1 kB
          Aaron T. Myers
        3. hadoop-7229.0.patch
          0.7 kB
          Aaron T. Myers

          Activity

            People

            • Assignee:
              atm Aaron T. Myers
              Reporter:
              atm Aaron T. Myers
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: