Andy Isaacson created HDFS-3535:
-----------------------------------
Summary: audit logging should log denied accesses as well as
permitted ones
Key: HDFS-3535
URL: https://issues.apache.org/jira/browse/HDFS-3535
Project: Hadoop HDFS
Issue Type: New Feature
Components: name-node
Affects Versions: 2.0.0-alpha
Reporter: Andy Isaacson
Assignee: Andy Isaacson
FSNamesystem.java logs an audit log entry when a user successfully accesses the
filesystem:
{code}
logAuditEvent(UserGroupInformation.getLoginUser(),
Server.getRemoteIp(),
"concat", Arrays.toString(srcs), target, resultingStat);
{code}
but there is no similar log when a user attempts to access the filesystem and
is denied due to permissions. Competing systems do provide such logging of
denied access attempts; we should too.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
