[
https://issues.apache.org/jira/browse/BIGTOP-849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13581673#comment-13581673
]
Konstantin Boudnik commented on BIGTOP-849:
-------------------------------------------
Technically speaking, this seems like a bug in the upstream, e.g. HBase itself.
Instead of calling privileged
{{org.apache.hadoop.hdfs.DistributedFileSystem.setSafeMode}} Hbase can simply
check the presence of {{hbase.roodir}}. If it isn't there, then it will try to
create it and - if NN is in safe mode - the {{mkdir}} op will fail.
So, no need to have hdfs admin privileges, which is a security issue IMO.
Going one more step further, HDFS should really raise the hell if someone is
trying to get the current state of safemode. This information should be
available to anyone in my opinion.
So, while we can workaround this issue here in Bigtop, is has to be properly
solved in Hbase or HDFS. But I won't hold my breath on that one...
> Hbase-master package should add hbase user to hdfs super group (usually
> hadoop)
> -------------------------------------------------------------------------------
>
> Key: BIGTOP-849
> URL: https://issues.apache.org/jira/browse/BIGTOP-849
> Project: Bigtop
> Issue Type: Bug
> Reporter: Konstantin Boudnik
>
> Upon installation of hbase-master the daemon can't start because it has to be
> a member of HDFS super group (usually {{hadoop}}) to be able to invoke
> dfsadmin API. Otherwise, access denied exception is thrown and daemon is shut
> down.
> The package should automatically make the configuration change to avoid the
> problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
