hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Patrick McCabe (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-3608) fuse_dfs: detect changes in UID ticket cache
Date Tue, 17 Jul 2012 19:15:34 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colin Patrick McCabe updated HDFS-3608:
---------------------------------------

    Attachment: HDFS-3608.004.patch

fuse_timer.c:
* add fuse_timer.c, which can invoke callbacks after timeouts
* add test_fuse_timer unit test to test fuse_timer.c

fuse_connect.c:
* We now reference-count libhdfs connection objects using struct hdfsConn
* expire old FS instances after a certain amount of time has elapsed (a few minutes)
* expire old FS isntances whenever the kerberos ticket cache mtime changes
* store uri and port statically rather than requiring them to be passed in separately each
time we make a connection
* add fuseConnectTest, which will create a sample FileSystem object, in order to verify that
the provided configuration is valid.  This method was previously implemented inline in the
main() method.
This will probably not work for Kerberos-authenticated clusters, since that would require
root to be kinit'ed.  So add a TODO and stub out the code when Kerberos is enabled.

most fuse operations:
* fh now contains a fuseConn object rather than simply an hdfsFS object
* fuse operations must rememeber to call hdfsConnRelease, since we're now reference-counting
FS objects

fuse_impls_open.c:
* fix some error handling code

fuse_init.c:
* be more verbose about printing dfs options on startup

jni_helper.c:
* invoke FileSystem::loadFileSystems immediately after startup to avoid classloader problems
later

tree.h:
* add BSD-licensed red-black tree implementation
                
> fuse_dfs: detect changes in UID ticket cache
> --------------------------------------------
>
>                 Key: HDFS-3608
>                 URL: https://issues.apache.org/jira/browse/HDFS-3608
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 2.1.0-alpha
>            Reporter: Colin Patrick McCabe
>            Assignee: Colin Patrick McCabe
>            Priority: Minor
>         Attachments: HDFS-3608.004.patch
>
>
> Currently in fuse_dfs, if one kinits as some principal "foo" and then does some operation
on fuse_dfs, then kdestroy and kinit as some principal "bar", subsequent operations done via
fuse_dfs will still use cached credentials for "foo". The reason for this is that fuse_dfs
caches Filesystem instances using the UID of the user running the command as the key into
the cache.  This is a very uncommon scenario, since it's pretty uncommon for a single user
to want to use credentials for several different principals on the same box.
> However, we can use inotify to detect changes in the Kerberos ticket cache file and force
the next operation to create a new FileSystem instance in that case.  This will also require
a reference counting mechanism in fuse_dfs so that we can free the FileSystem classes when
they refer to previous Kerberos ticket caches.
> Another mechanism is to run a stat periodically on the ticket cache file.  This is a
good fallback mechanism if inotify does not work on the file (for example, because it's on
an NFS mount.)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message