[
https://issues.apache.org/jira/browse/HADOOP-16958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17081370#comment-17081370
]
Ctest edited comment on HADOOP-16958 at 4/11/20, 4:38 PM:
----------------------------------------------------------
The tests failed because I moved the check policy==null to the start of
ZKFCRpcServer and did not check whether HADOOP_SECURITY_AUTHORIZATION is true.
Policy should not be null if HADOOP_SECURITY_AUTHORIZATION is true.
There is a check HADOOP_SECURITY_AUTHORIZATION==true at the end of
ZKFCRpcServer but not at the start. Should I still move the policy==null check
back to the end? Or add an additional check that for
HADOOP_SECURITY_AUTHORIZATION==true and policy==null at the starting, like
below?
{code:java}
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
ZKFCRpcServer(Configuration conf,
InetSocketAddress bindAddr,
ZKFailoverController zkfc,
- PolicyProvider policy) throws IOException {
+ PolicyProvider policy) throws IOException,
HadoopIllegalArgumentException {
+ boolean securityAuthorizationEnabled = conf.getBoolean(
+ CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION,
+ false);
+ if (securityAuthorizationEnabled && policy == null) {
+ throw new HadoopIllegalArgumentException(
+ CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION
+ + "is configured to true but service-level"
+ + "authorization security policy is null.");
+ }
+
this.zkfc = zkfc;
RPC.setProtocolEngine(conf, ZKFCProtocolPB.class,
@@ -61,8 +73,7 @@
.setVerbose(false).build();
// set service-level authorization security policy
- if (conf.getBoolean(
- CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false)) {
+ if (securityAuthorizationEnabled) {
server.refreshServiceAcl(conf, policy);
}
{code}
was (Author: ctest.team):
The tests failed because I moved the check policy==null to the start of
ZKFCRpcServer and did not check whether HADOOP_SECURITY_AUTHORIZATION is true.
Policy should not be null if HADOOP_SECURITY_AUTHORIZATION is true.
There is a check HADOOP_SECURITY_AUTHORIZATION==true at the end of
ZKFCRpcServer but not at the start. Should I still move the policy==null check
back to the end? Or add an additional check that for
HADOOP_SECURITY_AUTHORIZATION==true and policy==null at the starting, like
below?
{code:java}
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
index 86dd91ee142..6c49d70a1d7 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/ha/ZKFCRpcServer.java
@@ -20,6 +20,8 @@
import java.io.IOException;
import java.net.InetSocketAddress;
+import com.sun.org.apache.xpath.internal.operations.Bool;
+import org.apache.hadoop.HadoopIllegalArgumentException;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configuration;
@@ -46,7 +48,17 @@
ZKFCRpcServer(Configuration conf,
InetSocketAddress bindAddr,
ZKFailoverController zkfc,
- PolicyProvider policy) throws IOException {
+ PolicyProvider policy) throws IOException,
HadoopIllegalArgumentException {
+ boolean securityAuthorizationEnabled = conf.getBoolean(
+ CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION,
+ false);
+ if (securityAuthorizationEnabled && policy == null) {
+ throw new HadoopIllegalArgumentException(
+ CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION
+ + "is configured to true but service-level"
+ + "authorization security policy is null.");
+ }
+
this.zkfc = zkfc;
RPC.setProtocolEngine(conf, ZKFCProtocolPB.class,
@@ -61,8 +73,7 @@
.setVerbose(false).build();
// set service-level authorization security policy
- if (conf.getBoolean(
- CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false)) {
+ if (securityAuthorizationEnabled) {
server.refreshServiceAcl(conf, policy);
}
{code}
> NullPointerException(NPE) when hadoop.security.authorization is enabled but
> the input PolicyProvider for ZKFCRpcServer is NULL
> ------------------------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-16958
> URL: https://issues.apache.org/jira/browse/HADOOP-16958
> Project: Hadoop Common
> Issue Type: Bug
> Components: common, ha
> Affects Versions: 3.2.1
> Reporter: Ctest
> Priority: Critical
> Attachments: HADOOP-16958.000.patch, HADOOP-16958.001.patch,
> HADOOP-16958.002.patch
>
>
> During initialization, ZKFCRpcServer refreshes the service authorization ACL
> for the service handled by this server if config
> hadoop.security.authorization is enabled, by calling refreshServiceAcl with
> the input PolicyProvider and Configuration.
> {code:java}
> ZKFCRpcServer(Configuration conf,
> InetSocketAddress bindAddr,
> ZKFailoverController zkfc,
> PolicyProvider policy) throws IOException {
> this.server = ...
>
> // set service-level authorization security policy
> if (conf.getBoolean(
> CommonConfigurationKeys.HADOOP_SECURITY_AUTHORIZATION, false)) {
> server.refreshServiceAcl(conf, policy);
> }
> }{code}
> refreshServiceAcl calls
> ServiceAuthorizationManager#refreshWithLoadedConfiguration which directly
> gets services from the provider with provider.getServices(). When the
> provider is NULL, the code throws NPE without an informative message. In
> addition, the default value of config
> `hadoop.security.authorization.policyprovider` (which controls PolicyProvider
> here) is NULL and the only usage of ZKFCRpcServer initializer provides only
> an abstract method getPolicyProvider which does not enforce that
> PolicyProvider should not be NULL.
> The suggestion here is to either add a guard check or exception handling with
> an informative logging message on ZKFCRpcServer to handle input
> PolicyProvider being NULL.
>
> I am very happy to provide a patch for it if the issue is confirmed :)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
