[jira] [Work logged] (HDFS-15850) Superuser actions should be reported to external enforcers

Sat, 20 Mar 2021 13:49:11 -0700 


     [ 
https://issues.apache.org/jira/browse/HDFS-15850?focusedWorklogId=569291&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-569291
 ]

ASF GitHub Bot logged work on HDFS-15850:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 20/Mar/21 20:48
            Start Date: 20/Mar/21 20:48
    Worklog Time Spent: 10m 
      Work Description: vivekratnavel commented on pull request #2784:
URL: https://github.com/apache/hadoop/pull/2784#issuecomment-803461094


   Hi @xiaoyuyao, thanks for the review. I have updated the patch addressing 
all your comments. Please take another look. 
   Thanks! 
   
   I also checked the unit test failures in the previous patch and none seemed 
to be related to my changes. I will check them again after CI finishes for the 
latest patch.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 569291)
    Time Spent: 1h 10m  (was: 1h)

> Superuser actions should be reported to external enforcers
> ----------------------------------------------------------
>
>                 Key: HDFS-15850
>                 URL: https://issues.apache.org/jira/browse/HDFS-15850
>             Project: Hadoop HDFS
>          Issue Type: Task
>          Components: security
>    Affects Versions: 3.3.0
>            Reporter: Vivek Ratnavel Subramanian
>            Assignee: Vivek Ratnavel Subramanian
>            Priority: Major
>              Labels: pull-request-available
>         Attachments: HDFS-15850.v1.patch, HDFS-15850.v2.patch
>
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Currently, HDFS superuser checks or actions are not reported to external 
> enforcers like Ranger and the audit report provided by such external enforces 
> are not complete and are missing the superuser actions. To fix this, add a 
> new method to "AccessControlEnforcer" for all superuser checks. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to