Return-Path: X-Original-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 798C998A0 for ; Fri, 20 Jul 2012 19:13:37 +0000 (UTC) Received: (qmail 61361 invoked by uid 500); 20 Jul 2012 19:13:36 -0000 Delivered-To: apmail-hadoop-hdfs-issues-archive@hadoop.apache.org Received: (qmail 61020 invoked by uid 500); 20 Jul 2012 19:13:35 -0000 Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-issues@hadoop.apache.org Delivered-To: mailing list hdfs-issues@hadoop.apache.org Received: (qmail 60868 invoked by uid 99); 20 Jul 2012 19:13:35 -0000 Received: from issues-vm.apache.org (HELO issues-vm) (140.211.11.160) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Jul 2012 19:13:35 +0000 Received: from isssues-vm.apache.org (localhost [127.0.0.1]) by issues-vm (Postfix) with ESMTP id 45C7A14286C for ; Fri, 20 Jul 2012 19:13:35 +0000 (UTC) Date: Fri, 20 Jul 2012 19:13:35 +0000 (UTC) From: "Aaron T. Myers (JIRA)" To: hdfs-issues@hadoop.apache.org Message-ID: <737393164.83426.1342811615287.JavaMail.jiratomcat@issues-vm> In-Reply-To: <295909511.17645.1341624095143.JavaMail.jiratomcat@issues-vm> Subject: [jira] [Updated] (HDFS-3608) fuse_dfs: detect changes in UID ticket cache MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Aaron T. Myers updated HDFS-3608: --------------------------------- Attachment: HDFS-3608.patch +1, the latest patch looks good to me. Here's a very slightly updated patch which just changes some wording of the descriptions in hdfs-default.xml. I'm going to go ahead and commit this since the difference between this and the last is negligible. > fuse_dfs: detect changes in UID ticket cache > -------------------------------------------- > > Key: HDFS-3608 > URL: https://issues.apache.org/jira/browse/HDFS-3608 > Project: Hadoop HDFS > Issue Type: Bug > Affects Versions: 2.1.0-alpha > Reporter: Colin Patrick McCabe > Assignee: Colin Patrick McCabe > Priority: Minor > Attachments: HDFS-3608.004.patch, HDFS-3608.006.patch, HDFS-3608.007.patch, HDFS-3608.008.patch, HDFS-3608.009.patch, HDFS-3608.010.patch, HDFS-3608.011.patch, HDFS-3608.patch > > > Currently in fuse_dfs, if one kinits as some principal "foo" and then does some operation on fuse_dfs, then kdestroy and kinit as some principal "bar", subsequent operations done via fuse_dfs will still use cached credentials for "foo". The reason for this is that fuse_dfs caches Filesystem instances using the UID of the user running the command as the key into the cache. This is a very uncommon scenario, since it's pretty uncommon for a single user to want to use credentials for several different principals on the same box. > However, we can use inotify to detect changes in the Kerberos ticket cache file and force the next operation to create a new FileSystem instance in that case. This will also require a reference counting mechanism in fuse_dfs so that we can free the FileSystem classes when they refer to previous Kerberos ticket caches. > Another mechanism is to run a stat periodically on the ticket cache file. This is a good fallback mechanism if inotify does not work on the file (for example, because it's on an NFS mount.) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira