[
https://issues.apache.org/jira/browse/HADOOP-10224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14069875#comment-14069875
]
Alejandro Abdelnur commented on HADOOP-10224:
---------------------------------------------
As commented in HADOOP-10869, this could be done as follows:
KeyProvider should {{flush()}} to a temporary file, load temporary file to
verify it is healthy and then rename the temporary file to the actual file. The
rename must be done in 2 steps to enable recovery on startup if the rename
process was not complete:
* rename CURRENT to OLD
* rename NEW to CURRENT
* delete OLD
On start up:
* if CURRENT exists, delete NEW & OLD
* if CURRENT does not exist and OLD exists, rename OLD back to CURRENT and
delete NEW
> JavaKeyStoreProvider has to protect against corrupting underlying store
> -----------------------------------------------------------------------
>
> Key: HADOOP-10224
> URL: https://issues.apache.org/jira/browse/HADOOP-10224
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Larry McCay
> Assignee: Larry McCay
>
> Java keystores get corrupted at times. A key management operation that writes
> the store to disk could cause a corruption and all protected data would then
> be unaccessible.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
