hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Todd Lipcon (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-8243) Security support broken in CLI (manual) failover controller
Date Mon, 02 Apr 2012 21:03:28 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-8243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Todd Lipcon updated HADOOP-8243:

    Attachment: hadoop-8243.txt

This patch fixes the issue. I tested manually by setting up a secure HA cluster and running
 haadmin with {{-failover}}, {{-checkHealth}}, {{-transitionToActive}}, {{-transitionToStandby}},
and {{-getServiceState}} subcommands.

These manual tests are covered by the HA test plan.

Unfortunately there are no automated tests for security here. I tried to get the new ApacheDS-based
security test infrastructure to work, but it doesn't work correctly in my environment. Please
see my comment here: https://issues.apache.org/jira/browse/HDFS-3016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242722#comment-13242722
> Security support broken in CLI (manual) failover controller
> -----------------------------------------------------------
>                 Key: HADOOP-8243
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8243
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: ha, security
>    Affects Versions: 2.0.0
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Critical
>         Attachments: hadoop-8243.txt
> Some recent refactoring accidentally caused the proxies in some places to get created
with a default Configuration, instead of using the Configuration set up by the DFSHAAdmin
tool. This causes the HAServiceProtocol to be missing the configuration which specifies the
NN principle -- and thus breaks the CLI HAAdmin tool in secure setups.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message