hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kihwal Lee (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9436) NetgroupCache does not refresh membership correctly
Date Fri, 29 Mar 2013 16:57:16 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13617505#comment-13617505

Kihwal Lee commented on HADOOP-9436:

Silly me, I didn't svn add the new test.
> NetgroupCache does not refresh membership correctly
> ---------------------------------------------------
>                 Key: HADOOP-9436
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9436
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 3.0.0, 2.0.3-alpha, 0.23.7
>            Reporter: Kihwal Lee
>            Assignee: Kihwal Lee
>         Attachments: HADOOP-9436.patch
> NetgroupCache is used to get around the problem of inability to obtain a single user-to-groups
mapping from netgroup. For example, the ACL code pre-populates this cache, so that any user-group
mapping can be resolved for all groups defined in the service.
> However, the current refresh code only adds users to existing groups, so a loss of group
membership won't take effect. This is because the internal user-groups mapping cache is never
invalidated. If this is simply invalidated on clear(), the cache entries will build up correctly,
but user-group resolution may fail during refresh, resulting in incorrectly denying accesses.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message