hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Helmling <ghelml...@gmail.com>
Subject Re: Security patches: HBASE-2742 and HBASE-3025
Date Sat, 19 Nov 2011 00:58:23 GMT
HBASE-2742 and HBASE-3025 have both been committed to 0.92 and trunk.

Now that we have those and the "security" profile in place, we need to
setup additional Jenkins builds using the security profile, one for
0.92 and one for trunk.

These would be the same as the existing builds, just with the addition
of "-P security" to the build command.

Once we get to maven modules, security can just be part of the normal
build, running it's own subset of tests, with some additional IPC
related tests for exercising SecureRpcEngine.

--gh


On Thu, Nov 17, 2011 at 1:50 PM, Andrew Purtell <apurtell@apache.org> wrote:
> Also 2418 needs to go in.
>
> There are three patches:
>
>   - HBASE-2742: Secure RPC engine
>
>   - HBASE-3025: Access controller
>
>   - HBASE-2418: Prevents subversion of 3025 via direct ZK client access.
>
> I have no objection to using HadoopQA.
>
>
>
>>________________________________
>>From: Ted Yu <yuzhihong@gmail.com>
>>To: dev@hbase.apache.org; Andrew Purtell <apurtell@apache.org>
>>Sent: Thursday, November 17, 2011 1:38 PM
>>Subject: Re: Security patches: HBASE-2742 and HBASE-3025
>>
>>
>>My assumption is that 0.92 RC0 would be released after:
>>1. 2742 and 3025 get checked in
>>2. we have a good Jenkins build after that
>>
>>We can iron out build issues between #1 and #2 above.
>>HadoopQA would make this easier by telling us which tests may fail.
>>
>>This is my personal opinion.
>>
>>
>>On Thu, Nov 17, 2011 at 1:31 PM, Andrew Purtell <apurtell@apache.org> wrote:
>>
>>Hi Ted,
>>>
>>>Integration of security is holding up an 0.92 RC.
>>>
>>>I'd like clean Hudson reports too, but that seems thin justification.
>>>
>>>Best regards,
>>>
>>>
>>>  - Andy
>>>
>>>Problems worthy of attack prove their worth by hitting back. - Piet Hein (via
Tom White)
>>>
>>>
>>>
>>>----- Original Message -----
>>>> From: Ted Yu <yuzhihong@gmail.com>
>>>> To: dev@hbase.apache.org
>>>> Cc:
>>>> Sent: Thursday, November 17, 2011 10:58 AM
>>>> Subject: Re: Security patches: HBASE-2742 and HBASE-3025
>>>>
>>>> I am still going over changes in 2742. But I don't expect to find much.
>>>>
>>>> 2742 and 3025 haven't gone through HadoopQA yet.
>>>> 0.92 and TRUNK builds on Jenkins have been unstable lately. I think we
>>>> shouldn't make a successful build further.
>>>>
>>>> Cheers
>>>>
>>>> On Thu, Nov 17, 2011 at 10:47 AM, Gary Helmling <ghelmling@gmail.com>
>>>> wrote:
>>>>
>>>>>  Yes, the ZK authentication in 2418 is the final piece of the puzzle.
>>>>>
>>>>>
>>>>>  On Thu, Nov 17, 2011 at 10:44 AM, Stack <stack@duboce.net> wrote:
>>>>>  > On Thu, Nov 17, 2011 at 10:33 AM, Gary Helmling
>>>> <ghelmling@gmail.com>
>>>>>  wrote:
>>>>>  >> Hi all,
>>>>>  >>
>>>>>  >> I intend to commit the following patches for HBase security
to the
>>>>>  >> 0.92 branch and trunk at the end of day today:
>>>>>  >>
>>>>>  >> HBASE-2742: Provide a secure RPC engine for HBase
>>>>>  >> https://reviews.apache.org/r/1991/
>>>>>  >>
>>>>>  >> HBASE-3025: Coprocessor based simple access control
>>>>>  >> https://reviews.apache.org/r/2041/
>>>>>  >>
>>>>>  >> If you have not reviewed and want to, or feel like you need
more
>>>> time,
>>>>>  >> please take a look today or speak up now.
>>>>>  >>
>>>>>  >
>>>>>  > Am reviewing now.
>>>>>  >
>>>>>  > That would leave Andrew's secure zk issue to complete our security
>>>> story?
>>>>>  >
>>>>>  > St.Ack
>>>>>  >
>>>>>
>>>>
>>>
>>
>>
>>

Mime
View raw message