[jira] [Created] (HADOOP-11479) hdfs crypto -createZone fails to impersonate the real user in a kerberised environment

Ranadip (JIRA) Wed, 14 Jan 2015 12:14:51 -0800

Ranadip created HADOOP-11479:
--------------------------------

             Summary: hdfs crypto -createZone fails to impersonate the real 
user in a kerberised environment
                 Key: HADOOP-11479
                 URL: https://issues.apache.org/jira/browse/HADOOP-11479
             Project: Hadoop Common
          Issue Type: Bug
    Affects Versions: 2.6.0
         Environment: CentOS
            Reporter: Ranadip
            Priority: Blocker



The problem occurs when KMS key level acl is created for the key before the 
encryption zone is created. The command tried to create the encryption zone 
using "hdfs" user's identity and not the real user's identity.

Steps:
In a kerberised environment:
1. Create key level ACL in KMS for a new key.
2. Create encryption key now. (Goes through fine)
3. Create encryption zone. (Fails)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (HADOOP-11479) hdfs crypto -createZone fails to impersonate the real user in a kerberised environment

Reply via email to