hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-11400) Automatic HDFS Home Directory Creation
Date Fri, 10 Feb 2017 15:20:41 GMT

    [ https://issues.apache.org/jira/browse/HDFS-11400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15861405#comment-15861405

Allen Wittenauer commented on HDFS-11400:

bq. Given NN resolves users from OS / Kerberos, this would mean the OS / Kerberos systems
have already been compromised to have had fake users added?

No, it doesn't. If I access a home dir as a privileged user (e.g., hdfs) then I'm not sure
why there would be a validation made against an individual user's external existence.

bq. How about these ideas?

Honestly?  It sounds like a lot of work for very little reward.  Why is creating a directory
such a heavy burden?  

Also, doesn't the NN plugin system already give one a way to implement this feature without
clogging up the rest of the code base?

bq. it seems silly in retrospect for admins to keep writing scripts to do this for every client
when this could be solved once and for all via NN logic

Whoever is building this on a per client basis--if I'm interpreting that statement correctly--probably
is an extremely inexperienced admin.

Take a step back from Hadoop and it becomes obvious: there are bits that have to get done
outside the NN anyway.  That usually includes account validation, group setup, etc, etc. 
Removing the hdfs dir creation doesn't really save a whole lot of time/effort (one or two
commands).  Instead, it adds a whole lot of burden by having to configure all of these other

> Automatic HDFS Home Directory Creation
> --------------------------------------
>                 Key: HDFS-11400
>                 URL: https://issues.apache.org/jira/browse/HDFS-11400
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: hdfs, namenode
>    Affects Versions: 2.7.1
>         Environment: HDP 2.4.2
>            Reporter: Hari Sekhon
> Feature Request to add automatic home directory creation for HDFS users when they are
first resolved by the NameNode if their home directory does not already exist, using configurable
umask defaulting to 027.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org

View raw message