Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Reply-To: hdfs-issues@hadoop.apache.org
Date: Tue, 26 Aug 2014 19:44:00 +0000 (UTC)
From: "Hadoop QA (JIRA)" <jira@apache.org>
To: hdfs-issues@hadoop.apache.org
Message-ID: <JIRA.12732213.1407294771273.16837.1409082240199@arcas>
In-Reply-To: <JIRA.12732213.1407294771273@arcas>
References: <JIRA.12732213.1407294771273@arcas>
Subject: [jira] [Commented] (HDFS-6826) Plugin interface to enable
 delegation of HDFS authorization assertions
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


    [ https://issues.apache.org/jira/browse/HDFS-6826?page=3Dcom.atlassian.=
jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D14111=
195#comment-14111195 ]=20

Hadoop QA commented on HDFS-6826:
---------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest a=
ttachment=20
  http://issues.apache.org/jira/secure/attachment/12664424/HDFS-6826v7.4.pa=
tch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author=
 tags.

    {color:green}+1 tests included{color}.  The patch appears to include 1 =
new or modified test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the =
total number of javac compiler warnings.

    {color:green}+1 javadoc{color}.  There were no new javadoc warning mess=
ages.

    {color:green}+1 eclipse:eclipse{color}.  The patch built with eclipse:e=
clipse.

    {color:green}+1 findbugs{color}.  The patch does not introduce any new =
Findbugs (version 2.0.3) warnings.

    {color:green}+1 release audit{color}.  The applied patch does not incre=
ase the total number of release audit warnings.

    {color:red}-1 core tests{color}.  The patch failed these unit tests in =
hadoop-hdfs-project/hadoop-hdfs:

                  org.apache.hadoop.hdfs.server.namenode.ha.TestPipelinesFa=
ilover

    {color:green}+1 contrib tests{color}.  The patch passed contrib unit te=
sts.

Test results: https://builds.apache.org/job/PreCommit-HDFS-Build/7770//test=
Report/
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/7770//co=
nsole

This message is automatically generated.

> Plugin interface to enable delegation of HDFS authorization assertions
> ----------------------------------------------------------------------
>
>                 Key: HDFS-6826
>                 URL: https://issues.apache.org/jira/browse/HDFS-6826
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.4.1
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HDFS-6826-idea.patch, HDFS-6826-idea2.patch, HDFS-68=
26v3.patch, HDFS-6826v4.patch, HDFS-6826v5.patch, HDFS-6826v6.patch, HDFS-6=
826v7.1.patch, HDFS-6826v7.2.patch, HDFS-6826v7.3.patch, HDFS-6826v7.4.patc=
h, HDFS-6826v7.patch, HDFS-6826v8.patch, HDFSPluggableAuthorizationProposal=
-v2.pdf, HDFSPluggableAuthorizationProposal.pdf
>
>
> When Hbase data, HiveMetaStore data or Search data is accessed via servic=
es (Hbase region servers, HiveServer2, Impala, Solr) the services can enfor=
ce permissions on corresponding entities (databases, tables, views, columns=
, search collections, documents). It is desirable, when the data is accesse=
d directly by users accessing the underlying data files (i.e. from a MapRed=
uce job), that the permission of the data files map to the permissions of t=
he corresponding data entity (i.e. table, column family or search collectio=
n).
> To enable this we need to have the necessary hooks in place in the NameNo=
de to delegate authorization to an external system that can map HDFS files/=
directories to data entities and resolve their permissions based on the dat=
a entities permissions.
> I=E2=80=99ll be posting a design proposal in the next few days.


--
This message was sent by Atlassian JIRA
(v6.2#6252)