Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-7146

NFS ID/Group lookup requires SSSD enumeration on the server

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.6.0
    • Fix Version/s: 2.7.0
    • Component/s: nfs
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      The current implementation of the NFS UID and GID lookup works by running 'getent passwd' with an assumption that it will return the entire list of users available on the OS, local and remote (AD/etc.).

      This behaviour of the command is advised to be and is prevented by administrators in most secure setups to avoid excessive load to the ADs involved, as the # of users to be listed may be too large, and the repeated requests of ALL users not present in the cache would be too much for the AD infrastructure to bear.

      The NFS server should likely do lookups based on a specific UID request, via 'getent passwd <UID>', if the UID does not match a cached value. This reduces load on the LDAP backed infrastructure.

      Thanks Harsh J for reporting the issue.

        Attachments

        1. HDFS-7146.005.patch
          20 kB
          Yongjun Zhang
        2. HDFS-7146.004.patch
          18 kB
          Yongjun Zhang
        3. HDFS-7146.003.patch
          17 kB
          Yongjun Zhang
        4. HDFS-7146.002.allIncremental.patch
          18 kB
          Yongjun Zhang
        5. HDFS-7146.001.patch
          15 kB
          Yongjun Zhang

          Issue Links

            Activity

              People

              • Assignee:
                yzhangal Yongjun Zhang
                Reporter:
                yzhangal Yongjun Zhang
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: