[hadoop] branch branch-3.3 updated: HADOOP-18627. Add stronger wording in 'secure mode' introduction (#5406)

Fri, 17 Feb 2023 08:32:28 -0800 

This is an automated email from the ASF dual-hosted git repository.

stevel pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git


The following commit(s) were added to refs/heads/branch-3.3 by this push:
     new 477f17be974 HADOOP-18627. Add stronger wording in 'secure mode' 
introduction (#5406)
477f17be974 is described below

commit 477f17be974ad2dd728e5f31fc7f54572f33130e
Author: Arnout Engelen <arn...@engelen.eu>
AuthorDate: Fri Feb 17 17:30:41 2023 +0100

    HADOOP-18627. Add stronger wording in 'secure mode' introduction (#5406)
    
    Make it more clear that when deploying Hadoop 'secure mode' is generally 
not optional.
    
    Contributed by Arnout Engelen
---
 hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git 
a/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md 
b/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
index c36027794a2..45b0f1c83b7 100644
--- a/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
+++ b/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
@@ -20,7 +20,9 @@ Hadoop in Secure Mode
 Introduction
 ------------
 
-This document describes how to configure authentication for Hadoop in secure 
mode. When Hadoop is configured to run in secure mode, each Hadoop service and 
each user must be authenticated by Kerberos.
+In its default configuration, we expect you to make sure attackers don't have 
access to your Hadoop cluster by restricting all network access. If you want 
any restrictions on who can remotely access data or submit work, you MUST 
secure authentication and access for your Hadoop cluster as described in this 
document.
+
+When Hadoop is configured to run in secure mode, each Hadoop service and each 
user must be authenticated by Kerberos.
 
 Forward and reverse host lookup for all service hosts must be configured 
correctly to allow services to authenticate with each other. Host lookups may 
be configured using either DNS or `/etc/hosts` files. Working knowledge of 
Kerberos and DNS is recommended before attempting to configure Hadoop services 
in Secure Mode.
 


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-commits-h...@hadoop.apache.org

Reply via email to