[
https://issues.apache.org/jira/browse/HDDS-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Elek, Marton updated HDDS-1716:
-------------------------------
Description:
[~eyang] reported the problem in HDDS-1609 that the smoketest results are
generated a user (the user inside the docker container) which can be different
from the host user.
There is a minimal risk that the test results can be deleted/corrupted by an
other users if the current user is different from uid=1000
I opened this issue because [~eyang] said me during an offline discussion that
HDDS-1609 is a more complex issue and not only about the ownership of the test
results.
I suggest to handle the two problems in different way. With this patch, the
permission of the test result files can be fixed easily.
In HDDS-1609 we can discuss about general security problems and try to find
generic solution for them.
Steps to reproduce _this_ problem:
# Use a user which is different from uid=1000
# Create a new ozone build (mvn clean install -f pom.ozone.xml -DskipTests)
# Go to a compose directory (cd
hadoop-ozone/dist/target/ozone-0.5.0-SNAPSHOT/compose/)
# Execute tests (./test.sh)
# check the ownership of the results (ls -lah ./results)
Current result: the owner of the result files are the user uid=1000
Expected result: the owner of the files should be always the current user (even
if the current uid is different)
was:
[~eyang] reported the problem in HDDS-1609 that the smoketest results are
generated a user (the user inside the docker container) which can be different
from the host user.
There is a minimal risk that the test results can be deleted/corrupted by an
other users if the current user is different from uid=1000
I opened this issue because [~eyang] said me during an offline discussion that
HDDS-1609 is a more complex issue and not only about the ownership of the test
results.
I suggest to handle the two problems in different way. With this patch, the
permission of the test result files can be fixed easily.
In HDDS-1609 we can discuss about general security problems and try to find
generic solution for them.
Steps to reproduce _this_ the problem:
# Use a user which is different from uid=1000
# Create a new ozone build (mvn clean install -f pom.ozone.xml -DskipTests)
# Go to a compose directory (cd
hadoop-ozone/dist/target/ozone-0.5.0-SNAPSHOT/compose/)
# Execute tests (./test.sh)
# check the ownership of the results (ls -lah ./results)
Current result: the owner of the result files are the user uid=1000
Expected result: the owner of the files should be always the current user (even
if the current uid is different)
> Smoketest results are generated with an internal user
> -----------------------------------------------------
>
> Key: HDDS-1716
> URL: https://issues.apache.org/jira/browse/HDDS-1716
> Project: Hadoop Distributed Data Store
> Issue Type: Bug
> Reporter: Elek, Marton
> Assignee: Elek, Marton
> Priority: Minor
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> [~eyang] reported the problem in HDDS-1609 that the smoketest results are
> generated a user (the user inside the docker container) which can be
> different from the host user.
> There is a minimal risk that the test results can be deleted/corrupted by an
> other users if the current user is different from uid=1000
> I opened this issue because [~eyang] said me during an offline discussion
> that HDDS-1609 is a more complex issue and not only about the ownership of
> the test results.
> I suggest to handle the two problems in different way. With this patch, the
> permission of the test result files can be fixed easily.
> In HDDS-1609 we can discuss about general security problems and try to find
> generic solution for them.
> Steps to reproduce _this_ problem:
> # Use a user which is different from uid=1000
> # Create a new ozone build (mvn clean install -f pom.ozone.xml -DskipTests)
> # Go to a compose directory (cd
> hadoop-ozone/dist/target/ozone-0.5.0-SNAPSHOT/compose/)
> # Execute tests (./test.sh)
> # check the ownership of the results (ls -lah ./results)
> Current result: the owner of the result files are the user uid=1000
> Expected result: the owner of the files should be always the current user
> (even if the current uid is different)
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
