Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-6742

Audit operation category mismatch

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.3.0
    • SCM

    Description

      AddSCM operation is logged in audit as a "read" operation, which is by default ignored. It should be "write", since it changes state.

        @Override
        public boolean addSCM(AddSCMRequest request) throws IOException {
          LOG.debug("Adding SCM {} addr {} cluster id {}",
              request.getScmId(), request.getRatisAddr(), request.getClusterId());
      
      
          Map<String, String> auditMap = Maps.newHashMap();
          auditMap.put("scmId", String.valueOf(request.getScmId()));
          auditMap.put("cluster", String.valueOf(request.getClusterId()));
          auditMap.put("addr", String.valueOf(request.getRatisAddr()));
          boolean auditSuccess = true;
          try {
            return scm.getScmHAManager().addSCM(request);
          } catch (Exception ex) {
            auditSuccess = false;
            AUDIT.logReadFailure(
                buildAuditMessageForFailure(SCMAction.ADD_SCM, auditMap, ex)
            );
            throw ex;
          } finally {
            if (auditSuccess) {
              AUDIT.logReadSuccess(
                  buildAuditMessageForSuccess(SCMAction.ADD_SCM, auditMap)
              );
            }
          }
        }
      

      There are a few more examples both ways (read should be write or write should be read).

      Attachments

        Issue Links

          Activity

            People

              adoroszlai Attila Doroszlai
              adoroszlai Attila Doroszlai
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: