hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-15123) KDiag tries to load krb5.conf from KRB5CCNAME instead of KRB5_CONFIG
Date Sat, 16 Dec 2017 13:08:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15123?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16293798#comment-16293798
] 

Steve Loughran commented on HADOOP-15123:
-----------------------------------------

If it's there, it's probably because at the time I thought it was being used. 

Looking at https://web.mit.edu/kerberos/krb5-latest/doc/admin/env_variables.html , does seem
that it was the wrong varable for the keytab

but it is the location for the cached tickets, according to http://web.mit.edu/kerberos/krb5-1.4/krb5-1.4/doc/klist.html


so: I'd like the static field retained, the value printed, even with this patch, which does
seem to be doing the right thing.

* This is one of those "needs testing in kerberos envs" features...can you attach before/after
logs too. 
* checkstyles are about indentation;

> KDiag tries to load krb5.conf from KRB5CCNAME instead of KRB5_CONFIG
> --------------------------------------------------------------------
>
>                 Key: HADOOP-15123
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15123
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Vipin Rathor
>            Priority: Minor
>         Attachments: HADOOP-15123.0001.patch
>
>
> If Kerberos credential cache file location is overridden in environment, then KDiag tries
to read its value for Kerberos configuration. For example,
> {code:java}
> # export KRB5CCNAME=/tmp/krb5cc_1001
> # hadoop org.apache.hadoop.security.KDiag
> ...
> ...
> == Locating Kerberos configuration file ==
> Setting kerberos path from environment variable KRB5CCNAME: "/tmp/krb5cc_1001"
> Kerberos configuration file = /tmp/krb5cc_1001
> 17/12/16 04:06:19 ERROR security.KDiag: java.util.UnknownFormatConversionException: Conversion
= '�'
> java.util.UnknownFormatConversionException: Conversion = '�'
> {code}
> Expected Behavior:
> 1. Kerberos configuration file location should be read from KRB5_CONFIG env. variable
instead of KRB5CCNAME. Source: [MIT KRB5 doc|https://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html]



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message