[
https://issues.apache.org/jira/browse/HADOOP-12426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran updated HADOOP-12426:
------------------------------------
Attachment: HADOOP-12426-007.patch
Patch -007
# {{--nologin}} dump things but skip the login attempts
# {{--resource <xml-resource>}} add something (e.g hdfs-site.xml) to the
config. It's something that has to be on the classpath.
# core sysprops extended to include JVM version and vendor
# all sysprops are printed, (sorted), afterwards
# if /etc/ntp.conf is there, it gets printed (no parsing)
While getting this working, I encountered the problem where UGI would say "IOE
-failed to load", but the underlying messages were being stripped (even though
the original stack came through). I've gone through the UGI exception wrapping
code and made sure that the previous exception gets included in the error
strings. No other changes to UGI exceptions have been made. I know this pulls
in a bit of HADOOP-12649, but it was something I needed.
> Add Entry point for Kerberos health check
> -----------------------------------------
>
> Key: HADOOP-12426
> URL: https://issues.apache.org/jira/browse/HADOOP-12426
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.7.1
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Minor
> Attachments: HADOOP-12426-001.patch, HADOOP-12426-002.patch,
> HADOOP-12426-003.patch, HADOOP-12426-004.patch, HADOOP-12426-006.patch,
> HADOOP-12426-007.patch
>
>
> If we a little command line entry point for testing kerberos settings,
> including some automated diagnostics checks, we could simplify fielding the
> client-side support calls.
> Specifically
> * check JRE for having java crypto extensions at full key length.
> * network checks: do you know your own name?
> * Is the user kinited in?
> * if a tgt is specified, does it exist?
> * are hadoop security options consistent?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
