Return-Path: Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org Received: (qmail 75999 invoked from network); 18 Mar 2010 01:10:51 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 18 Mar 2010 01:10:51 -0000 Received: (qmail 70547 invoked by uid 500); 18 Mar 2010 01:10:50 -0000 Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org Received: (qmail 70523 invoked by uid 500); 18 Mar 2010 01:10:50 -0000 Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-issues@hadoop.apache.org Delivered-To: mailing list common-issues@hadoop.apache.org Received: (qmail 70515 invoked by uid 99); 18 Mar 2010 01:10:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Mar 2010 01:10:50 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Mar 2010 01:10:48 +0000 Received: from brutus.apache.org (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 74BAB234C4C1 for ; Thu, 18 Mar 2010 01:10:27 +0000 (UTC) Message-ID: <1924328528.332381268874627477.JavaMail.jira@brutus.apache.org> Date: Thu, 18 Mar 2010 01:10:27 +0000 (UTC) From: "Konstantin Boudnik (JIRA)" To: common-issues@hadoop.apache.org Subject: [jira] Commented: (HADOOP-6566) Hadoop daemons should not start up if the ownership/permissions on the directories used at runtime are misconfigured In-Reply-To: <1646510502.255391266089668085.JavaMail.jira@brutus.apache.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/HADOOP-6566?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12846708#action_12846708 ] Konstantin Boudnik commented on HADOOP-6566: -------------------------------------------- +1 on the patch. Looks good. > Hadoop daemons should not start up if the ownership/permissions on the directories used at runtime are misconfigured > -------------------------------------------------------------------------------------------------------------------- > > Key: HADOOP-6566 > URL: https://issues.apache.org/jira/browse/HADOOP-6566 > Project: Hadoop Common > Issue Type: New Feature > Components: security > Affects Versions: 0.22.0 > Reporter: Devaraj Das > Assignee: Arun C Murthy > Fix For: 0.22.0 > > Attachments: hadoop-6566-trunk-v1.patch, hadoop-6566-trunk-v2.patch, hadoop-6566-trunk-v3.patch, hadoop-6566-trunk-v4.patch, hadoop-6566-y20s-d1.patch, HADOOP-6566_yhadoop20.patch, HADOOP-6566_yhadoop20.patch, HADOOP-6566_yhadoop20.patch, HADOOP-6566_yhadoop20.patch > > > The Hadoop daemons (like datanode, namenode) should refuse to start up if the ownership/permissions on directories they use at runtime are misconfigured or they are not as expected. For example, the local directory where the filesystem image is stored should be owned by the user running the namenode process and should be only readable by that user. We can provide this feature in common and HDFS and MapReduce can use the same. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.