hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dinesh Chitlangia (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HDFS-14176) Replace incorrect use of system property user.name
Date Mon, 31 Dec 2018 06:50:00 GMT

    [ https://issues.apache.org/jira/browse/HDFS-14176?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16731211#comment-16731211
] 

Dinesh Chitlangia edited comment on HDFS-14176 at 12/31/18 6:49 AM:
--------------------------------------------------------------------

[~jojochuang] - Thank you for reporting the issue and the detailed description.
Excluding the Test classes, the following occurrences are noted:
YARN/YarnServiceJobSubmitter L216
YARN/YarnClientImpl L1111 (here, it is using this pattern only if security is not enabled)
Tools/SwiftNativeFileSystem L118
HDFS/FileSystemAccessService L176 (here, it is using this pattern only if security == simple)
HDFS/RouterClientProtocol L129
Ozone/ListVolumeHandler L79
Ozone/CreateVolumeHandler L82

I think we can create 3 JIRA to track separately for YARN, Ozone and HDFS+Tools.

Let me know your thoughts.


was (Author: dineshchitlangia):
[~jojochuang] - Thank you for reporting the issue and the detailed description.
Excluding the Test classes, the following occurrences are noted:
YARN/YarnServiceJobSubmitter L216
YARN/YarnClientImpl L1111 (here, it is using this pattern only if security is not enabled)
Tools/SwiftNativeFileSystem L118
HDFS/FileSystemAccessService L176 ((here, it is using this pattern only if security == simple)
HDFS/RouterClientProtocol L129
Ozone/ListVolumeHandler L79
Ozone/CreateVolumeHandler L82

I think we can create 3 JIRA to track separately for YARN, Ozone and HDFS+Tools.

Let me know your thoughts.

> Replace incorrect use of system property user.name
> --------------------------------------------------
>
>                 Key: HDFS-14176
>                 URL: https://issues.apache.org/jira/browse/HDFS-14176
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 3.3.0
>         Environment: Kerberized
>            Reporter: Wei-Chiu Chuang
>            Assignee: Dinesh Chitlangia
>            Priority: Major
>
> Looking at the Hadoop source code, there are a few places where the code assumes the
user name can be acquired from Java's system property {{user.name}}.
> For example,
> {code:java|title=FileSystem}
> /** Return the current user's home directory in this FileSystem.
>    * The default implementation returns {@code "/user/$USER/"}.
>    */
>   public Path getHomeDirectory() {
>     return this.makeQualified(
>         new Path(USER_HOME_PREFIX + "/" + System.getProperty("user.name")));
>   }
> {code}
> This is incorrect, as in a Kerberized environment, a user may login as a user principal
different from its system login account.
> It would be better to use {{UserGroupInformation.getCurrentUser().getShortUserName()}},
similar to HDFS-12485.
> Unfortunately, I am seeing this improper use in Yarn, HDFS federation SFTPFilesystem
and Ozone code (tests are ignored)
> The impact should be small, since it only affects the case where system is Kerberized
and that the user principal is different from system login account.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message