[jira] Commented: (HDFS-1033) In secure clusters, NN and SNN should verify that the remote principal during image and edits transfer

Hadoop QA (JIRA) Thu, 01 Jul 2010 20:05:21 -0700

    [ 
https://issues.apache.org/jira/browse/HDFS-1033?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12884521#action_12884521
 ]


Hadoop QA commented on HDFS-1033:
---------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12448531/HDFS-1033-2.patch
  against trunk revision 959792.

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 2 new or modified tests.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

    +1 findbugs.  The patch does not introduce any new Findbugs warnings.

    +1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

    -1 core tests.  The patch failed core unit tests.

    -1 contrib tests.  The patch failed contrib unit tests.

Test results: 
http://hudson.zones.apache.org/hudson/job/Hdfs-Patch-h5.grid.sp2.yahoo.net/418/testReport/
Findbugs warnings: 
http://hudson.zones.apache.org/hudson/job/Hdfs-Patch-h5.grid.sp2.yahoo.net/418/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Checkstyle results: 
http://hudson.zones.apache.org/hudson/job/Hdfs-Patch-h5.grid.sp2.yahoo.net/418/artifact/trunk/build/test/checkstyle-errors.html
Console output: 
http://hudson.zones.apache.org/hudson/job/Hdfs-Patch-h5.grid.sp2.yahoo.net/418/console

This message is automatically generated.

> In secure clusters, NN and SNN should verify that the remote principal during 
> image and edits transfer
> ------------------------------------------------------------------------------------------------------
>
>                 Key: HDFS-1033
>                 URL: https://issues.apache.org/jira/browse/HDFS-1033
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: security
>            Reporter: Jakob Homan
>            Assignee: Jakob Homan
>             Fix For: 0.22.0
>
>         Attachments: HDFS-1033-2.patch, HDFS-1033-Y20.patch, HDFS-1033.patch
>
>
> Currently anyone can connect and download image/edits from Namenode.  In a 
> secure cluster we can verify the identity of the principal making the 
> request; we should disallow requests from anyone except the NN and SNN 
> principals (and their hosts due to the lousy KerbSSL limitation).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (HDFS-1033) In secure clusters, NN and SNN should verify that the remote principal during image and edits transfer

Reply via email to