hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Erik Steffl (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-6855) Add ability to get groups for ACLs from 'getent netgroup'
Date Wed, 14 Jul 2010 00:18:52 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-6855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12888124#action_12888124
] 

Erik Steffl commented on HADOOP-6855:
-------------------------------------

HADOOP-6855-0.20-1.patch fixes problems pointed out by review:

1. ShellBasedUnixGroupsNetgroupMapping.java: commented out log lines removed

2.  ShellBasedUnixGroupsNetgroupMapping.java: getNetgroups, getUnixGroups return void now

3. ShellBasedUnixGroupsNetgroupMapping.java: LinkedList<String> is used

4. ShellBasedUnixGroupsNetgroupMappingTestWrapper.java: yes, the first element was user, removed.
And yes, it doesn't really matter for tests

5. No warnings, was caused by usage of LinkedList instead of LinkedList<String>

Also, per our discussion, I improved parsing of netgroup output, previously supported format:

group ( , user, ) ...

Currently supported format (both domain and host are optional, not used if present):

group ( , user, ) ( domain, anotherUser, host.com)


> Add ability to get groups for ACLs from 'getent netgroup'
> ---------------------------------------------------------
>
>                 Key: HADOOP-6855
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6855
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 0.22.0
>            Reporter: Erik Steffl
>             Fix For: 0.22.0
>
>         Attachments: HADOOP-6855-0.20-1.patch, HADOOP-6855-0.20.patch
>
>
> Add ability to specify netgroups in ACLs (see class AccessControlList.java). Membership
of users in netgroups will be determined by running 'getent negroups $groupName'. Netgroups
will be differentiated from regular unix groups by having '@' as a first character.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message