[jira] [Work logged] (HADOOP-17631) Configuration ${env.VAR:-FALLBACK} should eval FALLBACK when restrictSystemProps=true

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HADOOP-17631?focusedWorklogId=594721&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-594721
 ]

ASF GitHub Bot logged work on HADOOP-17631:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 11/May/21 19:10
            Start Date: 11/May/21 19:10
    Worklog Time Spent: 10m 
      Work Description: steveloughran commented on pull request #2977:
URL: https://github.com/apache/hadoop/pull/2977#issuecomment-839020783


   could i trouble @aw-was-here qnd @lmccay for a review of this? it's going 
near security issues on a file with significant scope for damage if I get it 
wrong.
   
   key issue: in secure configs the fallback for undefined env cars stops 
working. this fix ensures that the fallback is resolved; all env vars and 
system properties are treated as undefined. the env. fallback then happens 
automatically. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 594721)
    Remaining Estimate: 0h
            Time Spent: 10m

> Configuration ${env.VAR:-FALLBACK} should eval FALLBACK when 
> restrictSystemProps=true 
> --------------------------------------------------------------------------------------
>
>                 Key: HADOOP-17631
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17631
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: common
>    Affects Versions: 3.3.0
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> When configuration reads in resources with a restricted parser, it skips 
> evaluaging system ${env. } vars. But it also skips evaluating fallbacks
> As a result, a property like
> ${env.LOCAL_DIRS:-${hadoop.tmp.dir}} ends up evaluating as 
> ${env.LOCAL_DIRS:-${hadoop.tmp.dir}}
> It should instead fall back to the "env var unset" option of 
> ${hadoop.tmp.dir}. This allows for configs (like for s3a buffer dirs) which 
> are usable in restricted mode as well as unrestricted deployments.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org