[ https://issues.apache.org/jira/browse/HADOOP-12426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran updated HADOOP-12426:
------------------------------------
Attachment: HADOOP-12426-009.patch
Patch -009
# try to make the (spurious) findbugs warning go away
# document KDiag in SecureMode.md
# improve the usage message
# added (commented out) bits to hadoop-env.sh to show how to turn
on kerberos diagnostics
With the docs, this is ready to go in. I don't have any immediate plans to extend the tool;
if someone can +1 it I'll add it to 2.8
> Add Entry point for Kerberos health check
> -----------------------------------------
>
> Key: HADOOP-12426
> URL: https://issues.apache.org/jira/browse/HADOOP-12426
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.7.1
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Minor
> Attachments: HADOOP-12426-001.patch, HADOOP-12426-002.patch, HADOOP-12426-003.patch,
HADOOP-12426-004.patch, HADOOP-12426-006.patch, HADOOP-12426-007.patch, HADOOP-12426-008.patch,
HADOOP-12426-009.patch
>
>
> If we a little command line entry point for testing kerberos settings, including some
automated diagnostics checks, we could simplify fielding the client-side support calls.
> Specifically
> * check JRE for having java crypto extensions at full key length.
> * network checks: do you know your own name?
> * Is the user kinited in?
> * if a tgt is specified, does it exist?
> * are hadoop security options consistent?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
|