Return-Path: X-Original-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1452217AFE for ; Mon, 9 Mar 2015 15:13:39 +0000 (UTC) Received: (qmail 99542 invoked by uid 500); 9 Mar 2015 15:13:38 -0000 Delivered-To: apmail-hadoop-hdfs-issues-archive@hadoop.apache.org Received: (qmail 99485 invoked by uid 500); 9 Mar 2015 15:13:38 -0000 Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-issues@hadoop.apache.org Delivered-To: mailing list hdfs-issues@hadoop.apache.org Received: (qmail 99473 invoked by uid 99); 9 Mar 2015 15:13:38 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Mar 2015 15:13:38 +0000 Date: Mon, 9 Mar 2015 15:13:38 +0000 (UTC) From: "Hadoop QA (JIRA)" To: hdfs-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HDFS-6826) Plugin interface to enable delegation of HDFS authorization assertions MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HDFS-6826?page=3Dcom.atlassian.= jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D14353= 086#comment-14353086 ]=20 Hadoop QA commented on HDFS-6826: --------------------------------- {color:red}-1 overall{color}. Here are the results of testing the latest a= ttachment=20 http://issues.apache.org/jira/secure/attachment/12703405/HDFS-6826.10.pat= ch against trunk revision 5578e22. {color:green}+1 @author{color}. The patch does not contain any @author= tags. {color:green}+1 tests included{color}. The patch appears to include 2 = new or modified test files. {color:green}+1 javac{color}. The applied patch does not increase the = total number of javac compiler warnings. {color:green}+1 javadoc{color}. There were no new javadoc warning mess= ages. {color:green}+1 eclipse:eclipse{color}. The patch built with eclipse:e= clipse. {color:green}+1 findbugs{color}. The patch does not introduce any new = Findbugs (version 2.0.3) warnings. {color:green}+1 release audit{color}. The applied patch does not incre= ase the total number of release audit warnings. {color:red}-1 core tests{color}. The patch failed these unit tests in = hadoop-hdfs-project/hadoop-hdfs: org.apache.hadoop.hdfs.qjournal.TestNNWithQJM org.apache.hadoop.hdfs.server.namenode.ha.TestRetryCacheW= ithHA org.apache.hadoop.hdfs.server.namenode.snapshot.TestAclWi= thSnapshot org.apache.hadoop.hdfs.server.namenode.snapshot.TestSnaps= hot org.apache.hadoop.hdfs.server.namenode.snapshot.TestSnaps= hotDeletion The following test timeouts occurred = in hadoop-hdfs-project/hadoop-hdfs: org.apache.hadoop.hdfs.server.namenode.ha.TestHAAppend org.apache.hadoop.hdfs.server.blockmanagement.TestDatanodeManager org.apache.hadoop.hdfs.TestAppendSnapshotTruncate Test results: https://builds.apache.org/job/PreCommit-HDFS-Build/9792//test= Report/ Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/9792//co= nsole This message is automatically generated. > Plugin interface to enable delegation of HDFS authorization assertions > ---------------------------------------------------------------------- > > Key: HDFS-6826 > URL: https://issues.apache.org/jira/browse/HDFS-6826 > Project: Hadoop HDFS > Issue Type: New Feature > Components: security > Affects Versions: 2.4.1 > Reporter: Alejandro Abdelnur > Assignee: Arun Suresh > Attachments: HDFS-6826-idea.patch, HDFS-6826-idea2.patch, HDFS-68= 26-permchecker.patch, HDFS-6826.10.patch, HDFS-6826v3.patch, HDFS-6826v4.pa= tch, HDFS-6826v5.patch, HDFS-6826v6.patch, HDFS-6826v7.1.patch, HDFS-6826v7= .2.patch, HDFS-6826v7.3.patch, HDFS-6826v7.4.patch, HDFS-6826v7.5.patch, HD= FS-6826v7.6.patch, HDFS-6826v7.patch, HDFS-6826v8.patch, HDFS-6826v9.patch,= HDFSPluggableAuthorizationProposal-v2.pdf, HDFSPluggableAuthorizationPropo= sal.pdf > > > When Hbase data, HiveMetaStore data or Search data is accessed via servic= es (Hbase region servers, HiveServer2, Impala, Solr) the services can enfor= ce permissions on corresponding entities (databases, tables, views, columns= , search collections, documents). It is desirable, when the data is accesse= d directly by users accessing the underlying data files (i.e. from a MapRed= uce job), that the permission of the data files map to the permissions of t= he corresponding data entity (i.e. table, column family or search collectio= n). > To enable this we need to have the necessary hooks in place in the NameNo= de to delegate authorization to an external system that can map HDFS files/= directories to data entities and resolve their permissions based on the dat= a entities permissions. > I=E2=80=99ll be posting a design proposal in the next few days. -- This message was sent by Atlassian JIRA (v6.3.4#6332)