ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-346

remove the kill command fro mthe client port.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0, 3.0.1, 3.1.0
    • Fix Version/s: 3.2.0
    • Component/s: None
    • Labels:
      None
    • Hadoop Flags:
      Incompatible change, Reviewed
    • Release Note:
      removed the kill command from the client port.

      Description

      we should just remove the kill command from the client port. Its a security risk (though we do not have much security right now) to be able to kill the server from a tcp port without any authentication...

      1. ZOOKEEPER-346.patch
        4 kB
        Mahadev konar
      2. ZOOKEEPER-346.patch
        4 kB
        Patrick Hunt

        Activity

        Hide
        Patrick Hunt added a comment -

        +1 - esp as we now have similar capabilities through JMX.

        Show
        Patrick Hunt added a comment - +1 - esp as we now have similar capabilities through JMX.
        Hide
        Patrick Hunt added a comment -

        this patch removes the kill command, updates the docs, and also updates the zkServer.sh script to use pids and unix "kill" cli to manage the process.

        Note: I removed kill entirely due to it's potential security issues. There was
        consideration to keep it defaulted to off, but in the end if you have local
        access to the server there is no reason not to just use command line kill,
        fuser, JMX, whatever.

        I also included a small change to the build.xml to allow either the java or cppunit tests to be run individually.

        Show
        Patrick Hunt added a comment - this patch removes the kill command, updates the docs, and also updates the zkServer.sh script to use pids and unix "kill" cli to manage the process. Note: I removed kill entirely due to it's potential security issues. There was consideration to keep it defaulted to off, but in the end if you have local access to the server there is no reason not to just use command line kill, fuser, JMX, whatever. I also included a small change to the build.xml to allow either the java or cppunit tests to be run individually.
        Hide
        Patrick Hunt added a comment -

        submitting this patch - there are no tests, code/feature was removed.

        Show
        Patrick Hunt added a comment - submitting this patch - there are no tests, code/feature was removed.
        Hide
        Mahadev konar added a comment -

        just changed the script to gracefully error out in case its not able to find the pid file. other than that +1. ill wait for hudson to run through it.

        Show
        Mahadev konar added a comment - just changed the script to gracefully error out in case its not able to find the pid file. other than that +1. ill wait for hudson to run through it.
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12405698/ZOOKEEPER-346.patch
        against trunk revision 765797.

        +1 @author. The patch does not contain any @author tags.

        -1 tests included. The patch doesn't appear to include any new or modified tests.
        Please justify why no tests are needed for this patch.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 findbugs. The patch does not introduce any new Findbugs warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed core unit tests.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/testReport/
        Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
        Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12405698/ZOOKEEPER-346.patch against trunk revision 765797. +1 @author. The patch does not contain any @author tags. -1 tests included. The patch doesn't appear to include any new or modified tests. Please justify why no tests are needed for this patch. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-vesta.apache.org/35/console This message is automatically generated.
        Hide
        Mahadev konar added a comment -

        I just committed this. thanks pat.

        Show
        Mahadev konar added a comment - I just committed this. thanks pat.
        Hide
        Hudson added a comment -

        Integrated in ZooKeeper-trunk #284 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/284/)
        . remove the kill command fro mthe client port. (phunt via mahadev)

        Show
        Hudson added a comment - Integrated in ZooKeeper-trunk #284 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/284/ ) . remove the kill command fro mthe client port. (phunt via mahadev)

          People

          • Assignee:
            Patrick Hunt
            Reporter:
            Mahadev konar
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development