hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-15443) hadoop shell should allow non-privileged user to start secure daemons.
Date Thu, 03 May 2018 14:57:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16462553#comment-16462553
] 

Allen Wittenauer commented on HADOOP-15443:
-------------------------------------------

Removing that is going to cause all sorts of problems.

How is this code path getting invoked? Datanode RPC ports protected via SASL and SSL is configured
via hdfs-site.xml and shouldn't be using ANY of bash's security code.  It feels like something
was configured that shouldn't have been.

> hadoop shell should allow non-privileged user to start secure daemons.
> ----------------------------------------------------------------------
>
>                 Key: HADOOP-15443
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15443
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Ajay Kumar
>            Assignee: Ajay Kumar
>            Priority: Major
>
> With [HDFS-13081] now secure Datanode can be started without root privileges if rpc port
is protected via sasl and ssl is enabled for http. However hadoop shell still has check for
privilged user in hadoop-functions.sh. Jira intends to amend it, at-least for hdfs.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message