zhaoyunjiong created HDFS-6829:
----------------------------------
Summary: DFSAdmin refreshSuperUserGroupsConfiguration failed in
security cluster
Key: HDFS-6829
URL: https://issues.apache.org/jira/browse/HDFS-6829
Project: Hadoop HDFS
Issue Type: Bug
Components: tools
Affects Versions: 2.4.1
Reporter: zhaoyunjiong
Assignee: zhaoyunjiong
Priority: Minor
When we run command "hadoop dfsadmin -refreshSuperUserGroupsConfiguration", it
failed and report below message:
14/08/05 21:32:06 WARN security.MultiRealmUserAuthentication: The
serverPrincipal = doesn't confirm to the standards
refreshSuperUserGroupsConfiguration: null
After check the code, I found the bug was triggered by below reasons:
1. We didn't set CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY,
which needed by RefreshUserMappingsProtocol. And in DFSAdmin, if no
CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY set, it will try
to use DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY:
conf.set(CommonConfigurationKeys.HADOOP_SECURITY_SERVICE_USER_NAME_KEY,
conf.get(DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, ""));
2. But we set DFSConfigKeys.DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY in hdfs-site.xml
3. DFSAdmin didn't load hdfs-site.xml
--
This message was sent by Atlassian JIRA
(v6.2#6252)
