hbase git commit: HBASE-16284 Unauthorized client can shutdown the cluster

apurtell Tue, 02 Aug 2016 14:39:06 -0700

Repository: hbase
Updated Branches:
  refs/heads/0.98 e3e7525e7 -> bd19450bf



HBASE-16284 Unauthorized client can shutdown the cluster

Signed-off-by: Andrew Purtell <apurt...@apache.org>
Amending-Author: Andrew Purtell <apurt...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/bd19450b
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/bd19450b
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/bd19450b

Branch: refs/heads/0.98
Commit: bd19450bfffec4d4f10c89a6a4adf887f94e7164
Parents: e3e7525
Author: Deokwoo Han <ithen...@gmail.com>
Authored: Fri Jul 29 11:07:51 2016 +0900
Committer: Andrew Purtell <apurt...@apache.org>
Committed: Tue Aug 2 14:37:47 2016 -0700

----------------------------------------------------------------------
 .../org/apache/hadoop/hbase/master/HMaster.java | 30 +++++++++++---------
 .../hadoop/hbase/util/JVMClusterUtil.java       | 16 ++++++++---
 .../security/access/TestAccessController3.java  | 27 ++++++++++++++++++
 3 files changed, 55 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/bd19450b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java
index a586a49..4dcfa36 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java
@@ -2681,16 +2681,12 @@ MasterServices, Server {
     return rsFatals;
   }
 
-  public void shutdown() {
+  public void shutdown() throws IOException {
     if (spanReceiverHost != null) {
       spanReceiverHost.closeReceivers();
     }
     if (cpHost != null) {
-      try {
-        cpHost.preShutdown();
-      } catch (IOException ioe) {
-        LOG.error("Error call master coprocessor preShutdown()", ioe);
-      }
+      cpHost.preShutdown();
     }
     if (mxBean != null) {
       MBeanUtil.unregisterMBean(mxBean);
@@ -2711,17 +2707,18 @@ MasterServices, Server {
   public ShutdownResponse shutdown(RpcController controller, ShutdownRequest 
request)
   throws ServiceException {
     LOG.info(getClientIdAuditPrefix() + " shutdown");
-    shutdown();
+    try {
+      shutdown();
+    } catch (IOException e) {
+      LOG.error("Exception occurred in HMaster.shutdown()", e);
+      throw new ServiceException(e);
+    }
     return ShutdownResponse.newBuilder().build();
   }
 
-  public void stopMaster() {
+  public void stopMaster() throws IOException {
     if (cpHost != null) {
-      try {
-        cpHost.preStopMaster();
-      } catch (IOException ioe) {
-        LOG.error("Error call master coprocessor preStopMaster()", ioe);
-      }
+      cpHost.preStopMaster();
     }
     stop("Stopped by " + Thread.currentThread().getName());
   }
@@ -2730,7 +2727,12 @@ MasterServices, Server {
   public StopMasterResponse stopMaster(RpcController controller, 
StopMasterRequest request)
   throws ServiceException {
     LOG.info(getClientIdAuditPrefix() + " stop");
-    stopMaster();
+    try {
+      stopMaster();
+    } catch (IOException e) {
+      LOG.error("Exception occurred while stopping master", e);
+      throw new ServiceException(e);
+    }
     return StopMasterResponse.newBuilder().build();
   }
 

http://git-wip-us.apache.org/repos/asf/hbase/blob/bd19450b/hbase-server/src/main/java/org/apache/hadoop/hbase/util/JVMClusterUtil.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/util/JVMClusterUtil.java 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/util/JVMClusterUtil.java
index e2ee6d3..3f0db5a 100644
--- 
a/hbase-server/src/main/java/org/apache/hadoop/hbase/util/JVMClusterUtil.java
+++ 
b/hbase-server/src/main/java/org/apache/hadoop/hbase/util/JVMClusterUtil.java
@@ -244,15 +244,23 @@ public class JVMClusterUtil {
       JVMClusterUtil.MasterThread activeMaster = null;
       for (JVMClusterUtil.MasterThread t : masters) {
         if (!t.master.isActiveMaster()) {
-          t.master.stopMaster();
+          try {
+            t.master.stopMaster();
+          } catch (IOException e) {
+            LOG.error("Exception occurred while stopping master", e);
+          }
         } else {
           activeMaster = t;
         }
       }
       // Do active after.
-      if (activeMaster != null)
-        activeMaster.master.shutdown();
-
+      if (activeMaster != null) {
+        try {
+          activeMaster.master.shutdown();
+        } catch (IOException e) {
+          LOG.error("Exception occurred in HMaster.shutdown()", e);
+        }
+      }
     }
     boolean wasInterrupted = false;
     final long maxTime = System.currentTimeMillis() + 30 * 1000;

http://git-wip-us.apache.org/repos/asf/hbase/blob/bd19450b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController3.java
----------------------------------------------------------------------
diff --git 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController3.java
 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController3.java
index 7792e2a..d23e9e0 100644
--- 
a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController3.java
+++ 
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController3.java
@@ -39,6 +39,7 @@ import 
org.apache.hadoop.hbase.coprocessor.MasterCoprocessorEnvironment;
 import org.apache.hadoop.hbase.coprocessor.ObserverContext;
 import org.apache.hadoop.hbase.coprocessor.RegionCoprocessorEnvironment;
 import org.apache.hadoop.hbase.coprocessor.RegionServerCoprocessorEnvironment;
+import org.apache.hadoop.hbase.master.HMaster;
 import org.apache.hadoop.hbase.master.MasterCoprocessorHost;
 import org.apache.hadoop.hbase.regionserver.HRegionServer;
 import org.apache.hadoop.hbase.regionserver.HRegion;
@@ -280,4 +281,30 @@ public class TestAccessController3 extends SecureTestUtil {
       USER_GROUP_READ, USER_GROUP_WRITE);
   }
 
+  @Test (timeout=180000)
+  public void testUnauthorizedShutdown() throws Exception {
+    AccessTestAction action = new AccessTestAction() {
+      @Override public Object run() throws Exception {
+        HMaster master = TEST_UTIL.getHBaseCluster().getMaster();
+        master.shutdown();
+        return null;
+      }
+    };
+    verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, 
USER_GROUP_READ,
+      USER_GROUP_WRITE, USER_GROUP_CREATE);
+  }
+
+  @Test (timeout=180000)
+  public void testUnauthorizedStopMaster() throws Exception {
+    AccessTestAction action = new AccessTestAction() {
+      @Override public Object run() throws Exception {
+        HMaster master = TEST_UTIL.getHBaseCluster().getMaster();
+        master.stopMaster();
+        return null;
+      }
+    };
+    verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, 
USER_GROUP_READ,
+      USER_GROUP_WRITE, USER_GROUP_CREATE);
+  }
+
 }

hbase git commit: HBASE-16284 Unauthorized client can shutdown the cluster

Reply via email to