Hadoop Common
  1. Hadoop Common
  2. HADOOP-9477

Add posixGroups support for LDAP groups mapping service

    Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.4-alpha
    • Fix Version/s: 2.8.0
    • Component/s: None
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Hide
      Add posixGroups support for LDAP groups mapping service. The change in LDAPGroupMapping is compatible with previous scenario. In LDAP, the group mapping between {{posixAccount}} and {{posixGroup}} is different from the general LDAPGroupMapping, one of the differences is the {{"memberUid"}} will be used to mapping {{posixAccount}} and {{posixGroup}}. The feature will handle the mapping in internal when configuration {{hadoop.security.group.mapping.ldap.search.filter.user}} is set as "posixAccount" and {{hadoop.security.group.mapping.ldap.search.filter.group}} is "posixGroup".
      Show
      Add posixGroups support for LDAP groups mapping service. The change in LDAPGroupMapping is compatible with previous scenario. In LDAP, the group mapping between {{posixAccount}} and {{posixGroup}} is different from the general LDAPGroupMapping, one of the differences is the {{"memberUid"}} will be used to mapping {{posixAccount}} and {{posixGroup}}. The feature will handle the mapping in internal when configuration {{hadoop.security.group.mapping.ldap.search.filter.user}} is set as "posixAccount" and {{hadoop.security.group.mapping.ldap.search.filter.group}} is "posixGroup".

      Description

      It would be nice to support posixGroups for LdapGroupsMapping service. Below is from current description for the provider:
      hadoop.security.group.mapping.ldap.search.filter.group:
      An additional filter to use when searching for LDAP groups. This should be
      changed when resolving groups against a non-Active Directory installation.
      posixGroups are currently not a supported group class.

      1. HADOOP-9477.009.patch
        14 kB
        Dapeng Sun
      2. HADOOP-9477.008.patch
        13 kB
        Dapeng Sun
      3. HADOOP-9477.007.patch
        13 kB
        Dapeng Sun
      4. HADOOP-9477.006.patch
        10 kB
        Dapeng Sun
      5. HADOOP-9477.005.patch
        10 kB
        Dapeng Sun
      6. HADOOP-9477.004.patch
        9 kB
        Dapeng Sun
      7. HADOOP-9477.003.patch
        9 kB
        Charles Lamb
      8. HADOOP-9477.patch
        9 kB
        Dapeng Sun
      9. HADOOP-9477.patch
        9 kB
        Dapeng Sun

        Activity

        Kai Zheng created issue -
        Hide
        Kai Zheng added a comment -

        Here's a sample account and group.

        posixGroup group:

        dn: cn=ldapgroup,ou=Group,dc=example,dc=com
        objectClass: posixGroup
        objectClass: top
        cn: ldapgroup
        gidNumber: 700
        ...

        posixAccount account:

        dn: uid=ldapuser,ou=People,dc=example,dc=com
        uid: ldapuser
        cn: ldapuser
        objectClass: account
        objectClass: posixAccount
        loginShell: /bin/bash
        uidNumber: 600
        gidNumber: 700
        homeDirectory: /home/ldapuser
        ...

        Show
        Kai Zheng added a comment - Here's a sample account and group. posixGroup group: dn: cn=ldapgroup,ou=Group,dc=example,dc=com objectClass: posixGroup objectClass: top cn: ldapgroup gidNumber: 700 ... posixAccount account: dn: uid=ldapuser,ou=People,dc=example,dc=com uid: ldapuser cn: ldapuser objectClass: account objectClass: posixAccount loginShell: /bin/bash uidNumber: 600 gidNumber: 700 homeDirectory: /home/ldapuser ...
        Hide
        Daryn Sharp added a comment -

        The LdapGroupsMapping is highly configurable, so is there actually a bug in it? Untested, but something like the following config values should work:

        hadoop.security.group.mapping.ldap.search.filter.user  = (&(objectClass=posixAccount)(uid={0}))
        hadoop.security.group.mapping.ldap.search.filter.group = (objectClass=posixGroup)
        hadoop.security.group.mapping.ldap.search.attr.member  = gidNumber
        
        Show
        Daryn Sharp added a comment - The LdapGroupsMapping is highly configurable, so is there actually a bug in it? Untested, but something like the following config values should work: hadoop.security.group.mapping.ldap.search.filter.user = (&(objectClass=posixAccount)(uid={0})) hadoop.security.group.mapping.ldap.search.filter.group = (objectClass=posixGroup) hadoop.security.group.mapping.ldap.search.attr.member = gidNumber
        Hide
        Kai Zheng added a comment -

        Hi Daryn,

        Thanks for your comment.

        For posixGroups, possible procedure can be:
        userDn = ldap_lookup( (&(objectClass=posixAccount)(uid=

        {0})) )
        gidNumberX = userDn.gidNumber
        groupDn = ldap_lookup((&(objectClass=posixGroup)(gidNumber={0}

        )), gidNumberX )
        Then groupDn is the expected group for that user.
        Note here one user may have more groups.

        For the member attribute, it can only be used for group like:
        objectClass: XGroup
        groupName: testgroup
        member: user1
        member: user2

        For such group the procedure is something like below as current LdapGroupsMapping does:
        userDn = ...
        username = userDn.name
        groupDn = ldap_lookup(((&(objectClass=XGroup)(member=

        {0}

        )), username)
        Then groupDn is the expected group for that user.

        As you can see the procedure for posixGroups is different from current implementation. That’s why it requires extra effort.

        Show
        Kai Zheng added a comment - Hi Daryn, Thanks for your comment. For posixGroups, possible procedure can be: userDn = ldap_lookup( (&(objectClass=posixAccount)(uid= {0})) ) gidNumberX = userDn.gidNumber groupDn = ldap_lookup((&(objectClass=posixGroup)(gidNumber={0} )), gidNumberX ) Then groupDn is the expected group for that user. Note here one user may have more groups. For the member attribute, it can only be used for group like: objectClass: XGroup groupName: testgroup member: user1 member: user2 … For such group the procedure is something like below as current LdapGroupsMapping does: userDn = ... username = userDn.name groupDn = ldap_lookup(((&(objectClass=XGroup)(member= {0} )), username) Then groupDn is the expected group for that user. As you can see the procedure for posixGroups is different from current implementation. That’s why it requires extra effort.
        Dapeng Sun made changes -
        Field Original Value New Value
        Status Open [ 1 ] Patch Available [ 10002 ]
        Affects Version/s 2.0.4-alpha [ 12324135 ]
        Target Version/s 2.0.4-alpha [ 12324135 ]
        Dapeng Sun made changes -
        Attachment HADOOP-9477.patch [ 12581825 ]
        Hide
        Dapeng Sun added a comment -

        Hi,Kai

        As you note, regarding posix account we also need to consider multiple groups. We can use memberUid against posixGroups to get more groups. Thus the overall procedure would be:
        userDn = ldap_lookup( (&(objectClass=posixAccount)(cn=

        {0})), userName)

        gidNumber = userDn.gidNumber
        uidNumber = userDn.uidNumber
        groupDnList= ldap_lookup((&(objectClass=posixGroup)(|(gidNumber={0}

        )(memberUid=

        {1}

        )), [gidNumber, uidNumber])

        For detail, please see my patch.

        Show
        Dapeng Sun added a comment - Hi,Kai As you note, regarding posix account we also need to consider multiple groups. We can use memberUid against posixGroups to get more groups. Thus the overall procedure would be: userDn = ldap_lookup( (&(objectClass=posixAccount)(cn= {0})), userName) gidNumber = userDn.gidNumber uidNumber = userDn.uidNumber groupDnList= ldap_lookup((&(objectClass=posixGroup)(|(gidNumber={0} )(memberUid= {1} )), [gidNumber, uidNumber] ) For detail, please see my patch.
        Dapeng Sun made changes -
        Attachment HADOOP-9477.patch [ 12581825 ]
        Dapeng Sun made changes -
        Attachment HADOOP-9477.patch [ 12581855 ]
        Dapeng Sun made changes -
        Attachment HADOOP-9477.patch [ 12581898 ]
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch
        against trunk revision .

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2517//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2517//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . The javadoc tool did not generate any warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/2517//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/2517//console This message is automatically generated.
        Arun C Murthy made changes -
        Fix Version/s 2.3.0 [ 12324587 ]
        Fix Version/s 2.1.0-beta [ 12324030 ]
        Arun C Murthy made changes -
        Fix Version/s 2.3.0 [ 12325254 ]
        Fix Version/s 2.4.0 [ 12324587 ]
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch
        against trunk revision .

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/3493//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/3493//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . The javadoc tool did not generate any warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/3493//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/3493//console This message is automatically generated.
        Arun C Murthy made changes -
        Fix Version/s 2.4.0 [ 12326144 ]
        Fix Version/s 2.3.0 [ 12325254 ]
        Arun C Murthy made changes -
        Fix Version/s 2.5.0 [ 12326263 ]
        Fix Version/s 2.4.0 [ 12326144 ]
        Karthik Kambatla (Inactive) made changes -
        Fix Version/s 2.6.0 [ 12327179 ]
        Fix Version/s 2.5.0 [ 12326263 ]
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch
        against trunk revision .

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4476//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4476//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch against trunk revision . +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/4476//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/4476//console This message is automatically generated.
        Arun C Murthy made changes -
        Fix Version/s 2.7.0 [ 12327583 ]
        Fix Version/s 2.6.0 [ 12327179 ]
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch
        against trunk revision 1556f86.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5135//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5135//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12581898/HADOOP-9477.patch against trunk revision 1556f86. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. +1 contrib tests . The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5135//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5135//console This message is automatically generated.
        Hide
        Yongjun Zhang added a comment -

        Hi Kai Zheng,

        Thanks for your earlier work on this jira. May I know if it is possible to push it forward? Any concerns? Thanks.

        Show
        Yongjun Zhang added a comment - Hi Kai Zheng , Thanks for your earlier work on this jira. May I know if it is possible to push it forward? Any concerns? Thanks.
        Hide
        Charles Lamb added a comment -

        Kai Zheng,

        I have posted a rebased version of your patch with a few minor cleanups. Good catch on checking groupResults for null. I also put in a serial number for the patch number (I started with .003 since you already posted 2 of them).

        Show
        Charles Lamb added a comment - Kai Zheng , I have posted a rebased version of your patch with a few minor cleanups. Good catch on checking groupResults for null. I also put in a serial number for the patch number (I started with .003 since you already posted 2 of them).
        Charles Lamb made changes -
        Attachment HADOOP-9477.003.patch [ 12698127 ]
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12698127/HADOOP-9477.003.patch
        against trunk revision 22441ab.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        -1 core tests. The following test timeouts occurred in hadoop-common-project/hadoop-common:

        org.apache.hadoop.http.TestHttpServerLifecycle

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5656//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5656//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12698127/HADOOP-9477.003.patch against trunk revision 22441ab. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. -1 core tests . The following test timeouts occurred in hadoop-common-project/hadoop-common: org.apache.hadoop.http.TestHttpServerLifecycle Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5656//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5656//console This message is automatically generated.
        Hide
        Charles Lamb added a comment -

        TestHttpServerLifecycle passes on my local machine with the patch applied.

        Show
        Charles Lamb added a comment - TestHttpServerLifecycle passes on my local machine with the patch applied.
        Hide
        Charles Lamb added a comment -

        Kai Zheng,

        I was informed offline that it may have been a little uncool for me to post a patch. Sorry about that. My intent was only to give you my comments as changed code rather than to take over the patch and posting diffs seemed like the most expeditious way to do that. Apologies.

        Charles

        Show
        Charles Lamb added a comment - Kai Zheng , I was informed offline that it may have been a little uncool for me to post a patch. Sorry about that. My intent was only to give you my comments as changed code rather than to take over the patch and posting diffs seemed like the most expeditious way to do that. Apologies. Charles
        Hide
        Kai Zheng added a comment -

        Yongjun Zhang,

        Glad to know you're interested in this. Yes, we can move forward. Thanks !

        Show
        Kai Zheng added a comment - Yongjun Zhang , Glad to know you're interested in this. Yes, we can move forward. Thanks !
        Hide
        Kai Zheng added a comment -

        Hi Charles Lamb

        Thanks for your update and feedback. It's great and no problem at all. My colleague Dapeng Sun worked on this, would you mind if he continues to help on this with your work ? Thanks !

        Show
        Kai Zheng added a comment - Hi Charles Lamb Thanks for your update and feedback. It's great and no problem at all. My colleague Dapeng Sun worked on this, would you mind if he continues to help on this with your work ? Thanks !
        Hide
        Charles Lamb added a comment -

        That would be great. I'm happy to help.

        Show
        Charles Lamb added a comment - That would be great. I'm happy to help.
        Hide
        Dapeng Sun added a comment -

        Thank Kai Zheng and Charles Lamb , I will rebase the patch.

        Show
        Dapeng Sun added a comment - Thank Kai Zheng and Charles Lamb , I will rebase the patch.
        Dapeng Sun made changes -
        Assignee Kai Zheng [ drankye ] Dapeng Sun [ dapengsun ]
        Hide
        Kai Zheng added a comment -

        Hi Dapeng Sun,

        Thanks ! Please note you can continue based on Charles Lamb's version. I thought his may be already sync-ed with latest codes though I didn't check.

        Show
        Kai Zheng added a comment - Hi Dapeng Sun , Thanks ! Please note you can continue based on Charles Lamb 's version. I thought his may be already sync-ed with latest codes though I didn't check.
        Dapeng Sun made changes -
        Attachment HADOOP-9477.004.patch [ 12698305 ]
        Hide
        Dapeng Sun added a comment -

        Unit Tests passed in my local environment.
        Thank you for your reminder, Kai
        Hi Yongjun Zhang and Charles Lamb , if you have any comments, please feel free to let me know.

        Show
        Dapeng Sun added a comment - Unit Tests passed in my local environment. Thank you for your reminder, Kai Hi Yongjun Zhang and Charles Lamb , if you have any comments, please feel free to let me know.
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12698305/HADOOP-9477.004.patch
        against trunk revision 65c69e2.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5666//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5666//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12698305/HADOOP-9477.004.patch against trunk revision 65c69e2. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5666//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5666//console This message is automatically generated.
        Hide
        Charles Lamb added a comment -

        Hi Dapeng Sun,

        As near as I can tell, the .004 patch is the same as the .003 patch that I posted, right? If so, then I'm happy with it. +1 (non-binding).

        Thanks.

        Charles

        Show
        Charles Lamb added a comment - Hi Dapeng Sun , As near as I can tell, the .004 patch is the same as the .003 patch that I posted, right? If so, then I'm happy with it. +1 (non-binding). Thanks. Charles
        Hide
        Dapeng Sun added a comment -

        Hi Charles Lamb

        Yes, they are same patch, I just downloaded your updated patch and generate a new patch in my local. If you have any comments, please feel free to let me know.

        Regards
        Dapeng

        Show
        Dapeng Sun added a comment - Hi Charles Lamb Yes, they are same patch , I just downloaded your updated patch and generate a new patch in my local. If you have any comments, please feel free to let me know. Regards Dapeng
        Hide
        Dapeng Sun added a comment -

        Thanks Charles Lamb for helping to update the patch, I'm agreed with your changes on the original, sorry for I didn't point out these.

        Show
        Dapeng Sun added a comment - Thanks Charles Lamb for helping to update the patch, I'm agreed with your changes on the original, sorry for I didn't point out these.
        Hide
        Yongjun Zhang added a comment -

        Hi Kai Zheng, Dapeng Sun and Charles Lamb,

        Thanks for the help to push this forward!

        I review the patch, it looks good. I have one minor nit:

        The check of the code below

          if (groupSearchFilter.contains(POSIX_GROUP)
                  && userSearchFilter.contains(POSIX_USER)) {
        

        can be replaced with a boolean variable to be set right after we do

           groupSearchFilter =
                conf.get(GROUP_SEARCH_FILTER_KEY, GROUP_SEARCH_FILTER_DEFAULT);
            userSearchFilter =
                conf.get(USER_SEARCH_FILTER_KEY, USER_SEARCH_FILTER_DEFAULT);
        

        in setConf(Configuration conf), so we don't have to do the contains checking each time when doGetGroups is called.

        Thanks.

        Show
        Yongjun Zhang added a comment - Hi Kai Zheng , Dapeng Sun and Charles Lamb , Thanks for the help to push this forward! I review the patch, it looks good. I have one minor nit: The check of the code below if (groupSearchFilter.contains(POSIX_GROUP) && userSearchFilter.contains(POSIX_USER)) { can be replaced with a boolean variable to be set right after we do groupSearchFilter = conf.get(GROUP_SEARCH_FILTER_KEY, GROUP_SEARCH_FILTER_DEFAULT); userSearchFilter = conf.get(USER_SEARCH_FILTER_KEY, USER_SEARCH_FILTER_DEFAULT); in setConf(Configuration conf) , so we don't have to do the contains checking each time when doGetGroups is called. Thanks.
        Dapeng Sun made changes -
        Attachment HADOOP-9477.005.patch [ 12698636 ]
        Hide
        Dapeng Sun added a comment -

        Good suggestion, Yongjun. I had updated the patch, please help to review if you have time.

        Show
        Dapeng Sun added a comment - Good suggestion, Yongjun. I had updated the patch, please help to review if you have time.
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12698636/HADOOP-9477.005.patch
        against trunk revision b0d81e0.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5681//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5681//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12698636/HADOOP-9477.005.patch against trunk revision b0d81e0. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5681//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5681//console This message is automatically generated.
        Hide
        Yongjun Zhang added a comment -

        HI Dapeng Sun,

        Thanks for the new rev. I have a question and couple of nits that you can defer to later when taking care of other review comments.

        • When isPosix is true, is it an error if any of gitAttribute and uidAttribute is null? or this is a valid scenario (in this case, no group will be found for the user)?
        • change "POSIX_GIDNUMBER" to " POSIX_GIDNUMBER" (add a space to be consistent)
        • Line 371 you added to assign isPosix exceed 80 characters (some other lines that you did not touch in this file also exceeds 80 chars, up to you whether to fix all of them together or defer to later).

        BTW, Have you got chance to test it out in a real environment?

        Thanks.

        Show
        Yongjun Zhang added a comment - HI Dapeng Sun , Thanks for the new rev. I have a question and couple of nits that you can defer to later when taking care of other review comments. When isPosix is true, is it an error if any of gitAttribute and uidAttribute is null? or this is a valid scenario (in this case, no group will be found for the user)? change " POSIX_GIDNUMBER" to " POSIX_GIDNUMBER" (add a space to be consistent) Line 371 you added to assign isPosix exceed 80 characters (some other lines that you did not touch in this file also exceeds 80 chars, up to you whether to fix all of them together or defer to later). BTW, Have you got chance to test it out in a real environment? Thanks.
        Hide
        Yongjun Zhang added a comment -

        Another one: why public static final String POSIX_USER = "posixAccount"; is not public static final String POSIX_USER = "posixUser";?
        thanks.

        Show
        Yongjun Zhang added a comment - Another one: why public static final String POSIX_USER = "posixAccount"; is not public static final String POSIX_USER = "posixUser"; ? thanks.
        Hide
        Dapeng Sun added a comment -

        Hi Yongjun

        Thank you very much for your comments, really sorry for late reply.

        When isPosix is true, is it an error if any of gitAttribute and uidAttribute is null? or this is a valid scenario (in this case, no group will be found for the user)?

        Good suggestion, it will be an improvement to check the configuration. Not only for posix, but also for normal ldap model. Do you think it is possible to let me file another jira to fix it.

        change "POSIX_GIDNUMBER" to " POSIX_GIDNUMBER" (add a space to be consistent)

        Good suggestion, I will fix it in next patch.

        Line 371 you added to assign isPosix exceed 80 characters (some other lines that you did not touch in this file also exceeds 80 chars, up to you whether to fix all of them together or defer to later).

        Yes, some code in this file even exceed 100 characters. These should be fixed. I will fix my new lines in next patch, do you think it is possible to let me file another jira to fix others.

        Have you got chance to test it out in a real environment?

        Yes, I created the posix user\group example in a real ldap environment, the Unit test is also created based on it.

        why public static final String POSIX_USER = "posixAccount"; is not public static final String POSIX_USER = "posixUser";?

        I will rename POSIX_USER to POSIX_ACCOUNT in next patch since posixAccount is on LDAP specification and we may can't change it. http://docs.oracle.com/cd/E19693-01/819-0986/6n3chgmli/index.html#NAME . Thank again for your good suggestion.

        Regards
        Dapeng

        Show
        Dapeng Sun added a comment - Hi Yongjun Thank you very much for your comments, really sorry for late reply. When isPosix is true, is it an error if any of gitAttribute and uidAttribute is null? or this is a valid scenario (in this case, no group will be found for the user)? Good suggestion, it will be an improvement to check the configuration. Not only for posix, but also for normal ldap model. Do you think it is possible to let me file another jira to fix it. change "POSIX_GIDNUMBER" to " POSIX_GIDNUMBER" (add a space to be consistent) Good suggestion, I will fix it in next patch. Line 371 you added to assign isPosix exceed 80 characters (some other lines that you did not touch in this file also exceeds 80 chars, up to you whether to fix all of them together or defer to later). Yes, some code in this file even exceed 100 characters. These should be fixed. I will fix my new lines in next patch, do you think it is possible to let me file another jira to fix others. Have you got chance to test it out in a real environment? Yes, I created the posix user\group example in a real ldap environment, the Unit test is also created based on it. why public static final String POSIX_USER = "posixAccount"; is not public static final String POSIX_USER = "posixUser";? I will rename POSIX_USER to POSIX_ACCOUNT in next patch since posixAccount is on LDAP specification and we may can't change it. http://docs.oracle.com/cd/E19693-01/819-0986/6n3chgmli/index.html#NAME . Thank again for your good suggestion. Regards Dapeng
        Dapeng Sun made changes -
        Attachment HADOOP-9477.006.patch [ 12699059 ]
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12699059/HADOOP-9477.006.patch
        against trunk revision ab0b958.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5708//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5708//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12699059/HADOOP-9477.006.patch against trunk revision ab0b958. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5708//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5708//console This message is automatically generated.
        Hide
        Yongjun Zhang added a comment -

        HI Dapeng Sun,

        Really sorry for getting back late.

        Thanks for addressing my earlier comments. I did another round of review, the patch looks pretty good, one suggestion is to consolidate TestLdapGroupsMapping and TestLdapGroupsMappingWithPosixGroup, by refactoring the shared code to a common parent class.

        Good suggestion, it will be an improvement to check the configuration. Not only for posix, but also for normal ldap model. Do you think it is possible to let me file another jira to fix it.

        I think it's ok to have a follow-up jira for the checking.

        BTW, I also invited Aaron T. Myers to help looking at the patch from his perspective, thanks ATM.

        Thanks.

        Show
        Yongjun Zhang added a comment - HI Dapeng Sun , Really sorry for getting back late. Thanks for addressing my earlier comments. I did another round of review, the patch looks pretty good, one suggestion is to consolidate TestLdapGroupsMapping and TestLdapGroupsMappingWithPosixGroup, by refactoring the shared code to a common parent class. Good suggestion, it will be an improvement to check the configuration. Not only for posix, but also for normal ldap model. Do you think it is possible to let me file another jira to fix it. I think it's ok to have a follow-up jira for the checking. BTW, I also invited Aaron T. Myers to help looking at the patch from his perspective, thanks ATM. Thanks.
        Allen Wittenauer made changes -
        Fix Version/s 2.7.0 [ 12327583 ]
        Dapeng Sun made changes -
        Attachment HADOOP-9477.007.patch [ 12703921 ]
        Dapeng Sun made changes -
        Attachment HADOOP-9477.008.patch [ 12703922 ]
        Hide
        Dapeng Sun added a comment -

        Hi Yongjun Zhang
        Thank you very much for your comments, I'm totally agreed with you, I had updated the patch. If you have any comments, please feel free to let me know.

        Regards
        Dapeng

        Show
        Dapeng Sun added a comment - Hi Yongjun Zhang Thank you very much for your comments, I'm totally agreed with you, I had updated the patch. If you have any comments, please feel free to let me know. Regards Dapeng
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12703922/HADOOP-9477.008.patch
        against trunk revision 30c428a.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5915//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5915//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12703922/HADOOP-9477.008.patch against trunk revision 30c428a. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 1 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5915//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5915//console This message is automatically generated.
        Dapeng Sun made changes -
        Attachment HADOOP-9477.009.patch [ 12704068 ]
        Hide
        Dapeng Sun added a comment -

        Thank Yongjun Zhang for your feedback via email, I updated the patch.

        Show
        Dapeng Sun added a comment - Thank Yongjun Zhang for your feedback via email, I updated the patch.
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12704068/HADOOP-9477.009.patch
        against trunk revision 7a346bc.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 3 new or modified test files.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 javadoc. There were no new javadoc warning messages.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 2.0.3) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-common.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5921//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5921//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall . Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12704068/HADOOP-9477.009.patch against trunk revision 7a346bc. +1 @author . The patch does not contain any @author tags. +1 tests included . The patch appears to include 3 new or modified test files. +1 javac . The applied patch does not increase the total number of javac compiler warnings. +1 javadoc . There were no new javadoc warning messages. +1 eclipse:eclipse . The patch built with eclipse:eclipse. +1 findbugs . The patch does not introduce any new Findbugs (version 2.0.3) warnings. +1 release audit . The applied patch does not increase the total number of release audit warnings. +1 core tests . The patch passed unit tests in hadoop-common-project/hadoop-common. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/5921//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/5921//console This message is automatically generated.
        Hide
        Yongjun Zhang added a comment -

        Thanks Dapeng!

        +1 pending on jenkins. I will commit tomorrow if jenkins test passes and no comments from other folks.

        Show
        Yongjun Zhang added a comment - Thanks Dapeng! +1 pending on jenkins. I will commit tomorrow if jenkins test passes and no comments from other folks.
        Hide
        Dapeng Sun added a comment -

        Thanks Yongjun for your review and help.

        Show
        Dapeng Sun added a comment - Thanks Yongjun for your review and help.
        Yongjun Zhang made changes -
        Issue Type Improvement [ 4 ] New Feature [ 2 ]
        Yongjun Zhang made changes -
        Summary posixGroups support for LDAP groups mapping service Add posixGroups support for LDAP groups mapping service
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-trunk-Commit #7313 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7313/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #7313 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7313/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        Hide
        Yongjun Zhang added a comment -

        I committed to trunk and branch-2.

        Thanks Dapeng Sun for the contribution, Kai Zheng for creating the jira, Daryn Sharp and Charles Lamb for the review.

        Show
        Yongjun Zhang added a comment - I committed to trunk and branch-2. Thanks Dapeng Sun for the contribution, Kai Zheng for creating the jira, Daryn Sharp and Charles Lamb for the review.
        Yongjun Zhang made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Fix Version/s 2.8.0 [ 12329058 ]
        Resolution Fixed [ 1 ]
        Hide
        Yongjun Zhang added a comment -

        HI Dapeng Sun,

        I changed the jira to "New Feature". Would you please update the release note section of the jira about the feature? thanks.

        Show
        Yongjun Zhang added a comment - HI Dapeng Sun , I changed the jira to "New Feature". Would you please update the release note section of the jira about the feature? thanks.
        Yongjun Zhang made changes -
        Hadoop Flags Reviewed [ 10343 ]
        Hide
        Dapeng Sun added a comment -

        Thanks Yongjun Zhang for helping commit it. Also thanks Kai Zheng, Daryn Sharp and Charles Lamb for your help.

        I will update the release note, thanks Yongjun Zhang again for your reminder.

        Show
        Dapeng Sun added a comment - Thanks Yongjun Zhang for helping commit it. Also thanks Kai Zheng, Daryn Sharp and Charles Lamb for your help. I will update the release note , thanks Yongjun Zhang again for your reminder.
        Dapeng Sun made changes -
        Release Note Add posixGroups support for LDAP groups mapping service. The change in LDAPGroupMapping is compatible with previous scenario. In LDAP, the group mapping between {{posixAccount}} and {{posixGroup}} is different from the general LDAPGroupMapping, one of the differences is the {{"memberUid"}} will be used to mapping {{posixAccount}} and {{posixGroup}}. The feature will handle the mapping in internal when configuration {{hadoop.security.group.mapping.ldap.search.filter.user}} is set as "posixAccount" and {{hadoop.security.group.mapping.ldap.search.filter.group}} is "posixGroup".
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #131 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/131/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #131 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/131/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        Hide
        Hudson added a comment -

        SUCCESS: Integrated in Hadoop-Yarn-trunk #865 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/865/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - SUCCESS: Integrated in Hadoop-Yarn-trunk #865 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/865/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk #2081 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2081/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #2081 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2081/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk #2063 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2063/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #2063 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2063/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #122 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/122/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #122 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/122/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #131 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/131/)
        HADOOP-9477. Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b)

        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java
        • hadoop-common-project/hadoop-common/CHANGES.txt
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java
        • hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #131 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/131/ ) HADOOP-9477 . Add posixGroups support for LDAP groups mapping service. (Dapeng Sun via Yongjun Zhang) (yzhang: rev 82128774156c30a535b62d764bb6cf9c8d2f3a3b) hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMapping.java hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/LdapGroupsMapping.java hadoop-common-project/hadoop-common/CHANGES.txt hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingWithPosixGroup.java hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestLdapGroupsMappingBase.java
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-trunk-Commit #7331 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7331/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #7331 (See https://builds.apache.org/job/Hadoop-trunk-Commit/7331/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Yarn-trunk #869 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/869/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk #869 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/869/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #135 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/135/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #135 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/135/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #126 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/126/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #126 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/126/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Hdfs-trunk #2067 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2067/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #2067 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2067/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #135 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/135/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #135 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/135/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        FAILURE: Integrated in Hadoop-Mapreduce-trunk #2085 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2085/)
        HADOOP-9477. Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c)

        • hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #2085 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2085/ ) HADOOP-9477 . Amendment to CHANGES.txt. (yzhang: rev d1eebd9c9c1fed5877ef2665959e9bd1485d080c) hadoop-common-project/hadoop-common/CHANGES.txt
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Patch Available Patch Available
        19d 9h 19m 1 Dapeng Sun 05/May/13 15:59
        Patch Available Patch Available Resolved Resolved
        676d 7h 18m 1 Yongjun Zhang 12/Mar/15 22:17

          People

          • Assignee:
            Dapeng Sun
            Reporter:
            Kai Zheng
          • Votes:
            2 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 168h
              168h
              Remaining:
              Remaining Estimate - 168h
              168h
              Logged:
              Time Spent - Not Specified
              Not Specified

                Development