hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Patrick McCabe (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-3608) fuse_dfs: detect changes in UID ticket cache
Date Tue, 17 Jul 2012 19:15:34 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Colin Patrick McCabe updated HDFS-3608:

    Attachment: HDFS-3608.004.patch

* add fuse_timer.c, which can invoke callbacks after timeouts
* add test_fuse_timer unit test to test fuse_timer.c

* We now reference-count libhdfs connection objects using struct hdfsConn
* expire old FS instances after a certain amount of time has elapsed (a few minutes)
* expire old FS isntances whenever the kerberos ticket cache mtime changes
* store uri and port statically rather than requiring them to be passed in separately each
time we make a connection
* add fuseConnectTest, which will create a sample FileSystem object, in order to verify that
the provided configuration is valid.  This method was previously implemented inline in the
main() method.
This will probably not work for Kerberos-authenticated clusters, since that would require
root to be kinit'ed.  So add a TODO and stub out the code when Kerberos is enabled.

most fuse operations:
* fh now contains a fuseConn object rather than simply an hdfsFS object
* fuse operations must rememeber to call hdfsConnRelease, since we're now reference-counting
FS objects

* fix some error handling code

* be more verbose about printing dfs options on startup

* invoke FileSystem::loadFileSystems immediately after startup to avoid classloader problems

* add BSD-licensed red-black tree implementation
> fuse_dfs: detect changes in UID ticket cache
> --------------------------------------------
>                 Key: HDFS-3608
>                 URL: https://issues.apache.org/jira/browse/HDFS-3608
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 2.1.0-alpha
>            Reporter: Colin Patrick McCabe
>            Assignee: Colin Patrick McCabe
>            Priority: Minor
>         Attachments: HDFS-3608.004.patch
> Currently in fuse_dfs, if one kinits as some principal "foo" and then does some operation
on fuse_dfs, then kdestroy and kinit as some principal "bar", subsequent operations done via
fuse_dfs will still use cached credentials for "foo". The reason for this is that fuse_dfs
caches Filesystem instances using the UID of the user running the command as the key into
the cache.  This is a very uncommon scenario, since it's pretty uncommon for a single user
to want to use credentials for several different principals on the same box.
> However, we can use inotify to detect changes in the Kerberos ticket cache file and force
the next operation to create a new FileSystem instance in that case.  This will also require
a reference counting mechanism in fuse_dfs so that we can free the FileSystem classes when
they refer to previous Kerberos ticket caches.
> Another mechanism is to run a stat periodically on the ticket cache file.  This is a
good fallback mechanism if inotify does not work on the file (for example, because it's on
an NFS mount.)

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message