hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1326) Provide pluggable mechanism for securing datanodes
Date Mon, 02 Aug 2010 18:13:17 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12894629#action_12894629

Allen Wittenauer commented on HDFS-1326:

So in other words, yes.

For Solaris, I think the patch used in HDFS-1150 would work unmodified save two things:

a) need to remove the uid 0 check
b) need to include directions on setting PRIV_NET_PRIVADDR to the HDFS user's role

We could optionally set tcp_extra_priv_ports to include >1024 ports dedicated to HDFS if
we didn't want to use a 'real' privileged port.

I suspect SELinux capabilities are configured similarly.

> Provide pluggable mechanism for securing datanodes
> --------------------------------------------------
>                 Key: HDFS-1326
>                 URL: https://issues.apache.org/jira/browse/HDFS-1326
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
> As discussed in HDFS-1150, it would be good to allow datanodes to use other methods than
jsvc to secure their ports.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message