hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "zhaoyunjiong (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-6829) DFSAdmin refreshSuperUserGroupsConfiguration failed in security cluster
Date Wed, 06 Aug 2014 07:17:11 GMT
zhaoyunjiong created HDFS-6829:

             Summary: DFSAdmin refreshSuperUserGroupsConfiguration failed in security cluster
                 Key: HDFS-6829
                 URL: https://issues.apache.org/jira/browse/HDFS-6829
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: tools
    Affects Versions: 2.4.1
            Reporter: zhaoyunjiong
            Assignee: zhaoyunjiong
            Priority: Minor

When we run command "hadoop dfsadmin -refreshSuperUserGroupsConfiguration", it failed and
report below message:
14/08/05 21:32:06 WARN security.MultiRealmUserAuthentication: The serverPrincipal = doesn't
confirm to the standards
refreshSuperUserGroupsConfiguration: null

After check the code, I found the bug was triggered by below reasons:
1. We didn't set CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY, which needed
by RefreshUserMappingsProtocol. And in DFSAdmin, if no CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY
set, it will try to use DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY:     conf.set(CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY,
2. But we set DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY in hdfs-site.xml
3. DFSAdmin didn't load hdfs-site.xml

This message was sent by Atlassian JIRA

View raw message