[
https://issues.apache.org/jira/browse/HADOOP-16361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861072#comment-16861072
]
Jim Brennan commented on HADOOP-16361:
--------------------------------------
This was fixed in trunk in HADOOP-16031, but that fix is dependent on
HADOOP-15996.
[~eyang] commented on this in HADOOP-16031:
{quote}Jim Brennan This patch does not apply to branch-2 because:
1. When TestSecureLogins was merged, HADOOP-12751 was in branch-2.
2. acl_to_local act as a firewall rule again after HADOOP-15959 reverted
HADOOP-12751.
3. acl_to_local pass through is only allowed in Hadoop 3.1.2+ by HADOOP-15996
(new feature).
The test case does not have a way to work in branch-2 latest anymore because
lack of ability to allow non-matching auth_to_local rule to pass through. It
would be best to open a separate issue to address the gap because the branch-2
KerberosName#getShortName() lacks the ability to handle complex non-kerberos
name (zookeeper/localhost).
{quote}
Has this test always failed in branch-2? Or did something change that caused
it to start failing?
I don't know what the appropriate solution is here.
cc: [~daryn], [[email protected]]
> TestSecureLogins#testValidKerberosName fails on branch-2
> --------------------------------------------------------
>
> Key: HADOOP-16361
> URL: https://issues.apache.org/jira/browse/HADOOP-16361
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.10.0, 2.9.2, 2.8.5
> Reporter: Jim Brennan
> Priority: Major
>
> This test is failing in branch-2.
> {noformat}
> [ERROR] Tests run: 11, Failures: 0, Errors: 1, Skipped: 0, Time elapsed:
> 26.917 s <<< FAILURE! - in org.apache.hadoop.registry.secure.TestSecureLogins
> [ERROR]
> testValidKerberosName(org.apache.hadoop.registry.secure.TestSecureLogins)
> Time elapsed: 0.007 s <<< ERROR!
> org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule:
> No rules applied to zookeeper/localhost
> at
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:401)
> at
> org.apache.hadoop.registry.secure.TestSecureLogins.testValidKerberosName(TestSecureLogins.java:182)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at
> org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
> at
> org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
> at
> org.junit.internal.runners.statements.FailOnTimeout$StatementThread.run(FailOnTimeout.java:74)
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
