giraph-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eugene Koontz (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (GIRAPH-212) Security is busted since GIRAPH-168
Date Fri, 29 Jun 2012 20:41:44 GMT

     [ https://issues.apache.org/jira/browse/GIRAPH-212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Eugene Koontz updated GIRAPH-212:
---------------------------------

    Attachment: GIRAPH-212.patch

This patch allows Giraph to run on a secure Hadoop 1.0 install. The problem was that Hadoop
1.0 does indeed use SASL authentication at the RPC layer, and this was wrongly being omitted
by GIRAPH-168. This patch fixes the problem by removing the HADOOP_NON_SASL_RPC munge flag,
so that SASL with Hadoop RPC is activated for all secure profiles.

It also reduces the usage of munge by moving secure rpc-related code from the existing RPCCommunications
class to a new  SecureRPCCommunications class that is omitted from compilation in non-secure
profiles (hadoop_non_secure, hadoop_facebook).


A new HADOOP_NON_JOBCONTEXT_IS_INTERFACE munge flag is used to make a distinction that was
formerly covered by HADOOP_NON_SASL_RPC. This new flag distinguishes the Hadoop 1.0 and earlier
set of profiles (hadoop_non_secure, hadoop_0.20.203 and hadoop_1.0) on the one hand, and Facebook
and 2.0+ profiles, on the other (hadoop_facebook, hadoop_2.0.0, hadoop_trunk). 

Passes mvn -PX clean verify for all X:{hadoop_non_secure, hadoop_0.20.203, hadoop_1.0,hadoop_2.0.0,hadoop_trunk}.


Still getting some test errors for hadoop_facebook which I am investigating.
                
> Security is busted since GIRAPH-168
> -----------------------------------
>
>                 Key: GIRAPH-212
>                 URL: https://issues.apache.org/jira/browse/GIRAPH-212
>             Project: Giraph
>          Issue Type: Bug
>          Components: build
>    Affects Versions: 0.2.0
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>            Priority: Critical
>             Fix For: 0.2.0
>
>         Attachments: GIRAPH-212.patch, core-site.xml, hdfs-site.xml, mapred-site.xml
>
>
> As reported on the mailing list and verified here on our clusters, something's gone screwy
with Giraph jobs on secure hadoop.  I reverted back before GIRAPH-168 and this goes away,
although I've not found out what it is yet (and may not be 168).  
> RPC clients are trying to open connections with the wrong configuration relative to the
servers.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message