hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-8613) Add option to list up allowed hosts that can do any operation to NameNode.
Date Wed, 17 Jun 2015 16:42:01 GMT

    [ https://issues.apache.org/jira/browse/HDFS-8613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14590065#comment-14590065
] 

Allen Wittenauer commented on HDFS-8613:
----------------------------------------

This should get added as generic feature to common's ACL system first.  Then all daemons could
benefit rather than having yet another thing that is specific to HDFS.

> Add option to list up allowed hosts that can do any operation to NameNode.
> --------------------------------------------------------------------------
>
>                 Key: HDFS-8613
>                 URL: https://issues.apache.org/jira/browse/HDFS-8613
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>    Affects Versions: 2.7.0
>            Reporter: Kai Sasaki
>            Assignee: Kai Sasaki
>            Priority: Minor
>
> Current NameNode receives all operations through client protocol from any hosts. 
> However, some critical operations such as {{format}} should be restricted with not only
Kerberos authentication but also with host names in order to prevent us from formatting NameNode
by mistake. It is better to add option to write some allowed hosts which can do any operations
to NameNode.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message