hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Arun C Murthy (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (HDFS-3608) fuse_dfs: detect changes in UID ticket cache
Date Thu, 11 Oct 2012 17:49:22 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Arun C Murthy closed HDFS-3608.
-------------------------------

    
> fuse_dfs: detect changes in UID ticket cache
> --------------------------------------------
>
>                 Key: HDFS-3608
>                 URL: https://issues.apache.org/jira/browse/HDFS-3608
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-alpha
>            Reporter: Colin Patrick McCabe
>            Assignee: Colin Patrick McCabe
>            Priority: Minor
>             Fix For: 2.0.2-alpha
>
>         Attachments: HDFS-3608.004.patch, HDFS-3608.006.patch, HDFS-3608.007.patch, HDFS-3608.008.patch,
HDFS-3608.009.patch, HDFS-3608.010.patch, HDFS-3608.011.patch, HDFS-3608.patch
>
>
> Currently in fuse_dfs, if one kinits as some principal "foo" and then does some operation
on fuse_dfs, then kdestroy and kinit as some principal "bar", subsequent operations done via
fuse_dfs will still use cached credentials for "foo". The reason for this is that fuse_dfs
caches Filesystem instances using the UID of the user running the command as the key into
the cache.  This is a very uncommon scenario, since it's pretty uncommon for a single user
to want to use credentials for several different principals on the same box.
> However, we can use inotify to detect changes in the Kerberos ticket cache file and force
the next operation to create a new FileSystem instance in that case.  This will also require
a reference counting mechanism in fuse_dfs so that we can free the FileSystem classes when
they refer to previous Kerberos ticket caches.
> Another mechanism is to run a stat periodically on the ticket cache file.  This is a
good fallback mechanism if inotify does not work on the file (for example, because it's on
an NFS mount.)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message