Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm
Precedence: bulk
Date: Wed, 9 Jul 2014 03:14:05 +0000 (UTC)
From: "Andrew Purtell (JIRA)" <jira@apache.org>
To: issues@hbase.apache.org
Message-ID: <JIRA.12709411.1397917102930.5876.1404875645148@arcas>
In-Reply-To: <JIRA.12709411.1397917102930@arcas>
References: <JIRA.12709411.1397917102930@arcas>
Subject: [jira] [Comment Edited] (HBASE-11039) [VisibilityController]
 Integration test for labeled data set mixing and filtered excise
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/HBASE-11039?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14055804#comment-14055804 ] 

Andrew Purtell edited comment on HBASE-11039 at 7/9/14 3:13 AM:
----------------------------------------------------------------

I tried running this against a cluster with ./bin/hbase org.apache.hadoop.hbase.test.IntegrationTestBigLinkedListWithVisibility -m calm Loop 1 1 10000 /tmp 1 and encountered a failure because the test creates users for testing that do not correspond to user accounts on the cluster, and because the test cluster had both the VisibilityController and the AccessController installed. I think we need command line options for specifying users like with IntegrationTestIngestWithACL and how to operate this test should be documented. 

On the server:
{noformat}
2014-07-08 20:09:32,553 WARN  [defaultRpcServer.handler=27,queue=0,port=8120] security.ShellBasedUnixGroupsMapping: got exception trying to get groups for user user1
org.apache.hadoop.util.Shell$ExitCodeException: id: user1: no such user

	at org.apache.hadoop.util.Shell.runCommand(Shell.java:464)
	at org.apache.hadoop.util.Shell.run(Shell.java:379)
	at org.apache.hadoop.util.Shell$ShellCommandExecutor.execute(Shell.java:589)
	at org.apache.hadoop.util.Shell.execCommand(Shell.java:678)
	at org.apache.hadoop.util.Shell.execCommand(Shell.java:661)
	at org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getUnixGroups(ShellBasedUnixGroupsMapping.java:83)
	at org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getGroups(ShellBasedUnixGroupsMapping.java:52)
	at org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback.getGroups(JniBasedUnixGroupsMappingWithFallback.java:50)
	at org.apache.hadoop.security.Groups.getGroups(Groups.java:89)
	at org.apache.hadoop.security.UserGroupInformation.getGroupNames(UserGroupInformation.java:1352)
	at org.apache.hadoop.hbase.security.User.getGroupNames(User.java:76)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:487)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:303)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:372)
	at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1368)
	at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:1891)
	at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1784)
	at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3085)
{noformat}

On the client:

{noformat}
2014-07-08 20:09:33,485 ERROR [main] test.IntegrationTestBigLinkedList$Verify: Expected referenced count does not match with actual referenced count. expected referenced=10000 ,actual=0
{noformat}


was (Author: apurtell):
I tried running this against a cluster with ./bin/hbase org.apache.hadoop.hbase.test.IntegrationTestBigLinkedListWithVisibility -m calm Loop 1 1 10000 /tmp 1 and encountered a failure because the test creates users for testing that do not correspond to user accounts on the cluster. I think we need command line options for specifying users like with IntegrationTestIngestWithACL and how to operate this test should be documented. 
On the server:
{noformat}
2014-07-08 20:09:32,553 WARN  [defaultRpcServer.handler=27,queue=0,port=8120] security.ShellBasedUnixGroupsMapping: got exception trying to get groups for user user1
org.apache.hadoop.util.Shell$ExitCodeException: id: user1: no such user

	at org.apache.hadoop.util.Shell.runCommand(Shell.java:464)
	at org.apache.hadoop.util.Shell.run(Shell.java:379)
	at org.apache.hadoop.util.Shell$ShellCommandExecutor.execute(Shell.java:589)
	at org.apache.hadoop.util.Shell.execCommand(Shell.java:678)
	at org.apache.hadoop.util.Shell.execCommand(Shell.java:661)
	at org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getUnixGroups(ShellBasedUnixGroupsMapping.java:83)
	at org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getGroups(ShellBasedUnixGroupsMapping.java:52)
	at org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback.getGroups(JniBasedUnixGroupsMappingWithFallback.java:50)
	at org.apache.hadoop.security.Groups.getGroups(Groups.java:89)
	at org.apache.hadoop.security.UserGroupInformation.getGroupNames(UserGroupInformation.java:1352)
	at org.apache.hadoop.hbase.security.User.getGroupNames(User.java:76)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:487)
	at org.apache.hadoop.hbase.security.access.TableAuthManager.authorize(TableAuthManager.java:500)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:303)
	at org.apache.hadoop.hbase.security.access.AccessController.permissionGranted(AccessController.java:372)
	at org.apache.hadoop.hbase.security.access.AccessController.internalPreRead(AccessController.java:1368)
	at org.apache.hadoop.hbase.security.access.AccessController.preScannerOpen(AccessController.java:1891)
	at org.apache.hadoop.hbase.regionserver.RegionCoprocessorHost.preScannerOpen(RegionCoprocessorHost.java:1784)
	at org.apache.hadoop.hbase.regionserver.HRegionServer.scan(HRegionServer.java:3085)
{noformat}

On the client:

{noformat}
2014-07-08 20:09:33,485 ERROR [main] test.IntegrationTestBigLinkedList$Verify: Expected referenced count does not match with actual referenced count. expected referenced=10000 ,actual=0
{noformat}

> [VisibilityController] Integration test for labeled data set mixing and filtered excise
> ---------------------------------------------------------------------------------------
>
>                 Key: HBASE-11039
>                 URL: https://issues.apache.org/jira/browse/HBASE-11039
>             Project: HBase
>          Issue Type: Test
>    Affects Versions: 0.98.1
>            Reporter: Andrew Purtell
>            Assignee: ramkrishna.s.vasudevan
>            Priority: Critical
>             Fix For: 0.99.0, 1.0.0, 0.98.4
>
>         Attachments: HBASE-11039_ITBLL_v1.patch
>
>
> Create an integration test for the VisibilityController that:
> 1. Create several tables of test data
> 2. Assign a set of auths to each table. Label all entries in the table with appropriate visibility expressions. Insure that some data in every table overlaps with data in other tables at common row/family/qualifier coordinates. Generate data like ITBLL so we can verify all data present later.
> 3. Mix the data from the different tables into a new common table
> 4. Verify for each set of auths defined in step #2 that all entries found in the source table can be found in the common table. Like the ITBLL verification step but done N times for each set of auths defined in step #2.
> 5. Choose one of the source tables. Get its set of auths. Perform a deletion with visibility expression from the common table using those auths.
> 6. Verify that no data in the common table with the auth set chosen in #5 remains. A simple row count with the set of auths chosen in #5 that should return 0.


--
This message was sent by Atlassian JIRA
(v6.2#6252)