[jira] [Created] (HADOOP-13771) Adding group mapping lookup utility without dependency on HDFS namenode

Xiaoyu Yao (JIRA) Fri, 28 Oct 2016 15:25:12 -0700

Xiaoyu Yao created HADOOP-13771:
-----------------------------------

             Summary: Adding group mapping lookup utility without dependency on 
HDFS namenode
                 Key: HADOOP-13771
                 URL: https://issues.apache.org/jira/browse/HADOOP-13771
             Project: Hadoop Common
          Issue Type: Bug
          Components: security, tools
            Reporter: Xiaoyu Yao
            Assignee: Xiaoyu Yao



We have {{hdfs groups}} command to troubleshoot issues related to users' group 
member look up with Unix/LDAP. However, there are some limitation of this 
command: 1) it can only be executed when namenode is running. 2) any change in 
the group mapping lookup configuration needs a hdfs namenode restart, which is 
expensive. 

This ticket is proposed to have a simple CLI utility like HadoopKerberosName
{code}
hadoop org.apache.hadoop.security.HadoopKerberosName nn/localh...@hdpdev.dev.com
{code}

The CLI utility for group member lookup will have a usage like below without 
namenode running or restart for configuration change.
{code}
hadoop org.apache.hadoop.security.Groups hdfs
hdfs : [hadoop, hdfs]
{code}






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org

[jira] [Created] (HADOOP-13771) Adding group mapping lookup utility without dependency on HDFS namenode

Reply via email to