hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From omal...@apache.org
Subject svn commit: r1077344 - in /hadoop/common/branches/branch-0.20-security-patches/src: core/org/apache/hadoop/ipc/ core/org/apache/hadoop/security/ core/org/apache/hadoop/security/authorize/ core/org/apache/hadoop/util/ test/org/apache/hadoop/fs/
Date Fri, 04 Mar 2011 04:05:34 GMT
Author: omalley
Date: Fri Mar  4 04:05:34 2011
New Revision: 1077344

URL: http://svn.apache.org/viewvc?rev=1077344&view=rev
Log:
commit 5e29a900da2273e18e5d17c04b17d0cb51f73dd2
Author: Boris Shkolnik <borya@yahoo-inc.com>
Date:   Fri Mar 19 10:10:35 2010 -0700

    HADOOP:6644 from https://issues.apache.org/jira/secure/attachment/12439243/HADOOP-6644-BP20.patch
    
    +++ b/YAHOO-CHANGES.txt
    +    HADOOP-6644. util.Shell getGROUPS_FOR_USER_COMMAND method
    +   name - should use common naming convention (boryas)
    +

Modified:
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/ShellBasedUnixGroupsMapping.java
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
    hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/util/Shell.java
    hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestLocalFileSystemPermission.java

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java?rev=1077344&r1=1077343&r2=1077344&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/ipc/Server.java
Fri Mar  4 04:05:34 2011
@@ -119,7 +119,7 @@ public abstract class Server {
   static final int IPC_SERVER_RPC_MAX_RESPONSE_SIZE_DEFAULT = 1024*1024;
   
   public static final Log LOG = LogFactory.getLog(Server.class);
-  public static final Log auditLOG = 
+  private static final Log AUDITLOG = 
     LogFactory.getLog("SecurityLogger."+Server.class.getName());
   private static final String AUTH_FAILED_FOR = "Auth failed for ";
   private static final String AUTH_SUCCESSFULL_FOR = "Auth successfull for "; 
@@ -932,7 +932,7 @@ public abstract class Server {
           rpcMetrics.authenticationFailures.inc();
           String clientIP = this.toString();
           // attempting user could be null
-          auditLOG.warn(AUTH_FAILED_FOR + clientIP + ":" + attemptingUser, e);
+          AUDITLOG.warn(AUTH_FAILED_FOR + clientIP + ":" + attemptingUser, e);
           throw e;
         }
         if (replyToken != null) {
@@ -950,7 +950,7 @@ public abstract class Server {
           user = getAuthorizedUgi(saslServer.getAuthorizationID());
           LOG.info("SASL server successfully authenticated client: " + user);
           rpcMetrics.authenticationSuccesses.inc();
-          auditLOG.info(AUTH_SUCCESSFULL_FOR + user);
+          AUDITLOG.info(AUTH_SUCCESSFULL_FOR + user);
           saslContextEstablished = true;
         }
       } else {
@@ -1328,12 +1328,21 @@ public abstract class Server {
   }
   
   protected Server(String bindAddress, int port,
-                  Class<? extends Writable> paramClass, int handlerCount, 
-                  Configuration conf)
-    throws IOException 
+      Class<? extends Writable> paramClass, int handlerCount, 
+      Configuration conf)
+  throws IOException 
   {
     this(bindAddress, port, paramClass, handlerCount,  conf, Integer.toString(port), null);
   }
+
+  protected Server(String bindAddress, int port,
+      Class<? extends Writable> paramClass, int handlerCount, 
+      Configuration conf, String serverName)
+  throws IOException 
+  {
+    this(bindAddress, port, paramClass, handlerCount,  conf, serverName, null);
+  }
+  
   /** Constructs a server listening on the named port and address.  Parameters passed must
    * be of the named class.  The <code>handlerCount</handlerCount> determines
    * the number of handler threads that will be used to process calls.

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/ShellBasedUnixGroupsMapping.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/ShellBasedUnixGroupsMapping.java?rev=1077344&r1=1077343&r2=1077344&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/ShellBasedUnixGroupsMapping.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/ShellBasedUnixGroupsMapping.java
Fri Mar  4 04:05:34 2011
@@ -60,7 +60,7 @@ public class ShellBasedUnixGroupsMapping
   private static List<String> getUnixGroups(final String user) throws IOException {
     String result = "";
     try {
-      result = Shell.execCommand(Shell.getGROUPS_FOR_USER_COMMAND(user));
+      result = Shell.execCommand(Shell.getGroupsForUserCommand(user));
     } catch (ExitCodeException e) {
       // if we didn't get the group - just return empty list;
       LOG.warn("got exception trying to get groups for user " + user, e);

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java?rev=1077344&r1=1077343&r2=1077344&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/security/authorize/ServiceAuthorizationManager.java
Fri Mar  4 04:05:34 2011
@@ -50,7 +50,7 @@ public class ServiceAuthorizationManager
   public static final String SERVICE_AUTHORIZATION_CONFIG = 
     "hadoop.security.authorization";
   
-  public static final Log auditLOG =
+  private static final Log AUDITLOG =
     LogFactory.getLog("SecurityLogger."+ServiceAuthorizationManager.class.getName());
 
   private static final String AUTHZ_SUCCESSFULL_FOR = "Authorization successfull for ";
@@ -99,12 +99,12 @@ public class ServiceAuthorizationManager
     }
     if((clientPrincipal != null && !clientPrincipal.equals(user.getUserName())) ||

         !acl.isUserAllowed(user)) {
-      auditLOG.warn(AUTHZ_FAILED_FOR + user + " for protocol="+protocol);
+      AUDITLOG.warn(AUTHZ_FAILED_FOR + user + " for protocol="+protocol);
       throw new AuthorizationException("User " + user + 
           " is not authorized for protocol " + 
           protocol);
     }
-    auditLOG.info(AUTHZ_SUCCESSFULL_FOR + user + " for protocol="+protocol);
+    AUDITLOG.info(AUTHZ_SUCCESSFULL_FOR + user + " for protocol="+protocol);
   }
 
   public static synchronized void refresh(Configuration conf,

Modified: hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/util/Shell.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/util/Shell.java?rev=1077344&r1=1077343&r2=1077344&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/util/Shell.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/core/org/apache/hadoop/util/Shell.java
Fri Mar  4 04:05:34 2011
@@ -44,11 +44,11 @@ abstract public class Shell {
   /** a Unix command to get the current user's name */
   public final static String USER_NAME_COMMAND = "whoami";
   /** a Unix command to get the current user's groups list */
-  public static String[] getGROUPS_COMMAND() {
+  public static String[] getGroupsCommand() {
     return new String[]{"bash", "-c", "groups"};
   }
   /** a Unix command to get a given user's groups list */
-  public static String[] getGROUPS_FOR_USER_COMMAND(final String user) {
+  public static String[] getGroupsForUserCommand(final String user) {
     //'groups username' command return is non-consistent across different unixes
     return new String [] {"bash", "-c", "id -Gn " + user};
   }

Modified: hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestLocalFileSystemPermission.java
URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestLocalFileSystemPermission.java?rev=1077344&r1=1077343&r2=1077344&view=diff
==============================================================================
--- hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestLocalFileSystemPermission.java
(original)
+++ hadoop/common/branches/branch-0.20-security-patches/src/test/org/apache/hadoop/fs/TestLocalFileSystemPermission.java
Fri Mar  4 04:05:34 2011
@@ -144,7 +144,7 @@ public class TestLocalFileSystemPermissi
 
   static List<String> getGroups() throws IOException {
     List<String> a = new ArrayList<String>();
-    String s = Shell.execCommand(Shell.getGROUPS_COMMAND());
+    String s = Shell.execCommand(Shell.getGroupsCommand());
     for(StringTokenizer t = new StringTokenizer(s); t.hasMoreTokens(); ) {
       a.add(t.nextToken());
     }



Mime
View raw message