[ https://issues.apache.org/jira/browse/HADOOP-13673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15822113#comment-15822113 ]
Ravi Prakash commented on HADOOP-13673: --------------------------------------- Hi Allen! Thanks for the patch! It looks good. I only could find these nits: # "Atempting" -> "Attempting" # Remove "${EUID} comes from the shell itself!" in hadoop-functions.sh # I'm not exactly sure how HADOOP_REEXECED_CMD is being used to prevent a fork bomb, but could a script set it to false explicitly as part of itself? i.e. what's preventing access to that variable from a user script? #pwd # Is hadoop_abs supposed to resolve links? If yes, in hadoop_abs.bats could you please add a test for links? > Update scripts to be smarter when running with privilege > -------------------------------------------------------- > > Key: HADOOP-13673 > URL: https://issues.apache.org/jira/browse/HADOOP-13673 > Project: Hadoop Common > Issue Type: New Feature > Components: scripts > Affects Versions: 3.0.0-alpha1, 3.0.0-alpha2 > Reporter: Allen Wittenauer > Assignee: Allen Wittenauer > Labels: security > Attachments: HADOOP-13673.00.patch, HADOOP-13673.01.patch, > HADOOP-13673.02.patch, HADOOP-13673.03.patch > > > As work continues on HADOOP-13397, it's become evident that we need better > hooks to start daemons as specifically configured users. Via the > (command)_(subcommand)_USER environment variables in 3.x, we actually have a > standardized way to do that. This in turn means we can make the sbin scripts > super functional with a bit of updating: > * Consolidate start-dfs.sh and start-secure-dns.sh into one script > * Make start-\*.sh and stop-\*.sh know how to switch users when run as root > * Undeprecate start/stop-all.sh so that it could be used as root for > production purposes and as a single user for non-production users -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org