[
https://issues.apache.org/jira/browse/HADOOP-8357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13268604#comment-13268604
]
Benoy Antony commented on HADOOP-8357:
--------------------------------------
I have been working on incorporating security into Hadoop 0.22. I am
assembling changes in my internal branch.The work is close to completion in
terms of development and testing.
I started by reverting MAPREDUCE-2767.
The main jiras that I have incorporated are
MAPREDUCE-2178 - Race condition in LinuxTaskController permissions handling
HADOOP-7119 add Kerberos HTTP SPNEGO authentication support to Hadoop JT/NN/DN/TT web-consoles
I have incorporated the following patches from 1.0 addressing bugs and
vulnerabilities
MAPREDUCE-2420. JobTracker should be able to renew delegation token over HTTP
MAPREDUCE-2452 - Delegation token cancellation shouldn't hold global JobTracker
lock
HADOOP - 7272 - Remove unnecessary security related info logs
HDFS-1584 - Adds a check for whether relogin is needed to getDelegationToken in HftpFileSystem(Kan Zhang)
HADOOP-7215. RPC clients must use network interface corresponding to the host in the client's kerberos principal key
MAPREDUCE-2651 Race condition in Linux Task Controller for job log directory creation
HADOOP-7115. Reduces the number of calls to getpwuid_r and getpwgid_r, by implementing a cache in NativeIO. (ddas)
MAPREDUCE-2377. task-controller fails to parse configuration if it doesn't end in \n
MAPREDUCE-2103 task-controller shouldn't require o-r permissions
MAPREDUCE-2376 test-task-controller fails if run as a userid < 1000
Fixing an issue to do with setting of correct groups for tasks
I fixed some issues found during testing for which I will file new jiras. They
include
1) Task Termination by TT when fatal error occurs
2) Failure in deleting user directories when security is enabled
3) some build changes are needed
I have been testing the secure hadoop on cluster of 6 nodes. I have also tested
with security disabled to make sure that unsecured version still works.
Once I am done with remaining work, I can start adding patches to the above
jiras as well as create jiras for additional issues.
> Restore security in Hadoop 0.22 branch
> --------------------------------------
>
> Key: HADOOP-8357
> URL: https://issues.apache.org/jira/browse/HADOOP-8357
> Project: Hadoop Common
> Issue Type: Task
> Components: security
> Affects Versions: 0.22.0
> Reporter: Konstantin Shvachko
>
> This is to track changes for restoring security in 0.22 branch.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
