hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MAPREDUCE-3849) Change TokenCache's reading of the binary token file
Date Wed, 15 Feb 2012 10:08:59 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-3849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13208331#comment-13208331
] 

Hadoop QA commented on MAPREDUCE-3849:
--------------------------------------

+1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12514555/MAPREDUCE-3849-2.patch
  against trunk revision .

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 3 new or modified tests.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac compiler warnings.

    +1 eclipse:eclipse.  The patch built with eclipse:eclipse.

    +1 findbugs.  The patch does not introduce any new Findbugs (version 1.3.9) warnings.

    +1 release audit.  The applied patch does not increase the total number of release audit
warnings.

    +1 core tests.  The patch passed unit tests in .

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: https://builds.apache.org/job/PreCommit-MAPREDUCE-Build/1855//testReport/
Console output: https://builds.apache.org/job/PreCommit-MAPREDUCE-Build/1855//console

This message is automatically generated.
                
> Change TokenCache's reading of the binary token file
> ----------------------------------------------------
>
>                 Key: MAPREDUCE-3849
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3849
>             Project: Hadoop Map/Reduce
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 0.23.1, 0.24.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>         Attachments: MAPREDUCE-3849-2.patch, MAPREDUCE-3849.patch
>
>
> When obtaining the tokens for a {{FileSystem}}, the {{TokenCache}} will read the binary
token file if a token is not already in the {{Credentials}}.  However, it will overwrite any
existing tokens in the {{Credentials}} with the contents of the binary token file if a single
token is missing.  This may cause new tokens to be replaced with invalid/cancelled tokens
from the binary file.  The new tokens will not be canceled, and thus "leak" in the namenode
until they expire.
> The binary tokens should be merged with, but not replace, existing tokens in the {{Credentials}}.
> The code that reads the binary token file is prefaced with:
> {code}
> //TODO: Need to come up with a better place to put
> //this block of code to do with reading the file
> {code}
> Also, the loading of the binary token file is the only reason that the {{TokenCache}}
has to use {{getCanonicalService}}.  If this linkage can be broken, then the 1-to-1 filesystem
to token service coupling may be removed.  And use of {{getCanonicalService}} can be removed
in a subsequent jira.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message