hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12570) HDFS Secure Mode Documentation updates
Date Fri, 18 Dec 2015 00:01:46 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15063130#comment-15063130
] 

Chris Nauroth commented on HADOOP-12570:
----------------------------------------

Taking this example from the existing hdfs-default.xml:

{code}
<property>
  <name>dfs.namenode.kerberos.internal.spnego.principal</name>
  <value>${dfs.web.authentication.kerberos.principal}</value>
</property>
{code}

If an hdfs-site.xml defined {{dfs.web.authentication.kerberos.principal}}, but did not define
{{dfs.namenode.kerberos.internal.spnego.principal}}, then I think it still would have worked
because of the token substitution logic in {{Configuration#substituteVars}}.  In this patch,
{{dfs.namenode.kerberos.internal.spnego.principal}} defaults to nothing, so the token substitution
won't happen anymore.  This is why I think there could be a compatibility problem.

> HDFS Secure Mode Documentation updates
> --------------------------------------
>
>                 Key: HADOOP-12570
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12570
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: documentation
>    Affects Versions: 2.7.1
>            Reporter: Arpit Agarwal
>            Assignee: Arpit Agarwal
>         Attachments: HDFS-9254.01.patch, HDFS-9254.02.patch, HDFS-9254.03.patch, HDFS-9254.04.patch
>
>
> Some Kerberos configuration parameters are not documented well enough. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message