[HDFS-6829] DFSAdmin refreshSuperUserGroupsConfiguration failed in security cluster - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.4.1
Fix Version/s: 2.6.0
Component/s: tools
Labels:
None

Hadoop Flags:

Reviewed

Description

When we run command "hadoop dfsadmin -refreshSuperUserGroupsConfiguration", it failed and report below message:
14/08/05 21:32:06 WARN security.MultiRealmUserAuthentication: The serverPrincipal = doesn't confirm to the standards
refreshSuperUserGroupsConfiguration: null

After check the code, I found the bug was triggered by below reasons:
1. We didn't set CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY, which needed by RefreshUserMappingsProtocol. And in DFSAdmin, if no CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY set, it will try to use DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY: conf.set(CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY, conf.get(DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, ""));
2. But we set DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY in hdfs-site.xml
3. DFSAdmin didn't load hdfs-site.xml

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HDFS-6829.patch
06/Aug/14 07:20
0.6 kB
yunjiong zhao

Activity

People

Assignee:: yunjiong zhao

Reporter:: yunjiong zhao

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 06/Aug/14 07:16

Updated:: 01/Dec/14 03:07

Resolved:: 22/Aug/14 18:16