hadoop-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rohit sarewar <rohitsare...@gmail.com>
Subject Hadoop Security via Kerberos
Date Wed, 27 Feb 2013 17:14:16 GMT

I am trying to learn how Kerberos can be implemented in Hadoop.
I have gone through this doc
I have also gone through Basic Kerberos stuff (http://web.mit.edu/kerberos/,

1) The apache doc uses the word "Token" whereas the general doc over the
internet uses the term "Ticket".
     Are Token and Ticket same ?

2) The apache doc also    "DataNodes do not enforce any access control on
accesses to its data blocks.
     This makes it possible for an unauthorized client to read a data block
      long as she can supply its block ID. It’s also possible for anyone to
      arbitrary data blocks to DataNodes."

My thoughts on this:-
*I can fetch the block Id from file path using the command:-*
hadoop@Studio-1555:/opt/hadoop/hadoop-1.0.2/bin$ ./hadoop fsck
/hadoop/mapred/system/jobtracker.info -files -blocks
FSCK started by hadoop from / for path /hadoop/mapred/system/
jobtracker.info at Mon Jul 09 06:57:14 EDT 2012
/hadoop/mapred/system/jobtracker.info 4 bytes, 1 block(s):  OK
0. blk_-9148080207111019586_1001 len=4 repl=1

As I was authorized to access this file jobtracker.info, I was able to find
its blockID using the above command.
I think that if I add some offset to this block ID and write to that
How can I explicitly mention the blockID while writing a file to HDFS.(What
is the command ?)*
Any other way to  write arbitrary data blocks to DataNodes ?

Please tell me if my approach is wrong ?

View raw message