hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-13673) Update scripts to be smarter when running with privilege
Date Thu, 05 Jan 2017 17:24:58 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-13673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Allen Wittenauer updated HADOOP-13673:
--------------------------------------
    Attachment: HADOOP-13673.03.patch

-03:
* if the su operation isn't expected to return, then callers must do their own exec or exit
or whatever.  This ends up being a lot simpler than adding a param that will likely be false.
* abs MYNAME so that if the command given is a relative path, we can su correct.  e.g., as
root calling "hadoop/bin/hdfs namenode" would fail since su would try to call hadoop/bin/hdfs
which was no longer the correct path

At this point, I think everything is working and this should get reviewed.

> Update scripts to be smarter when running with privilege
> --------------------------------------------------------
>
>                 Key: HADOOP-13673
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13673
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: scripts
>    Affects Versions: 3.0.0-alpha1, 3.0.0-alpha2
>            Reporter: Allen Wittenauer
>            Assignee: Allen Wittenauer
>              Labels: security
>         Attachments: HADOOP-13673.00.patch, HADOOP-13673.01.patch, HADOOP-13673.02.patch,
HADOOP-13673.03.patch
>
>
> As work continues on HADOOP-13397, it's become evident that we need better hooks to start
daemons as specifically configured users.  Via the (command)_(subcommand)_USER environment
variables in 3.x, we actually have a standardized way to do that.  This in turn means we can
make the sbin scripts super functional with a bit of updating:
> * Consolidate start-dfs.sh and start-secure-dns.sh into one script
> * Make start-\*.sh and stop-\*.sh know how to switch users when run as root
> * Undeprecate start/stop-all.sh so that it could be used as root for production purposes
and as a single user for non-production users



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message