hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Amar Kamat (JIRA)" <j...@apache.org>
Subject [jira] Commented: (MAPREDUCE-1543) Log messages of JobACLsManager should use security logging of HADOOP-6586
Date Tue, 16 Mar 2010 15:50:27 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12845946#action_12845946

Amar Kamat commented on MAPREDUCE-1543:

bq. I prefer userid. 
Is ugi fine? The reason being that we log username just for performance reasons. In near future
we might include group information too. It can we viewed as a ugi with masked group information.

bq. I think the toString of ACLs should be maintained and cannot be changed, it is a constraint.
..... Since we are using tabs as delimiters, maybe this is less of an issue now.

bq. Can you confirm if we are changing this to AdditionalInfo, I think that's more general.
We can name it as 'description' or maybe 'additional-info'. I am fine with both. +1 for making
it a string.

bq. Umm, but we'll still need to treat these as 'Object' parameters and do a toString on them
to get a log, right ? I see that as no different from passing a string.

bq. This was inline with the other audit patch and hence my suggestion.... we can turn off
success logs by configuring log level
+1. Good point.

> Log messages of JobACLsManager should use security logging of HADOOP-6586
> -------------------------------------------------------------------------
>                 Key: MAPREDUCE-1543
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-1543
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: security
>            Reporter: Vinod K V
>            Assignee: Amar Kamat
>             Fix For: 0.22.0
>         Attachments: mapreduce-1543-y20s.patch
> {{JobACLsManager}} added in MAPREDUCE-1307 logs the successes and failures w.r.t job-level
authorization in the corresponding Daemons' logs. The log messages should instead use security
logging of HADOOP-6586.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message