[
https://issues.apache.org/jira/browse/HDFS-3568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13405202#comment-13405202
]
Colin Patrick McCabe commented on HDFS-3568:
--------------------------------------------
The general approach here is to allow libhdfs users to specify a Kerberos
ticket cache file to use to connect. This ticket cache file is what gets
renewed when you call kinit. For each UNIX user, there should be one
associated ticket cache file. fuse_dfs locates this file and uses it to
connect to the HDFS filesystem.
The advantage of using the ticket cache file directly is that it limits the
scope of potential compromises. Only users who have kinited will have a ticket
cache file present. So even if a user succeeds in hacking his own fuse_dfs
daemon, he will only get access to the files of users who have kinit'ed on his
system.
Some other advantages: there is no additional configuration required from
system administrators besides Kerberos itself. This mode of operation is
consistent with other Kerberos-enabled programs, which require a valid Kerberos
login to function.
This patch has three main parts.
* The Java part adds the ability to connect using a Kerberos ticket cache to
UserGroupInformation.
* libhdfs now accepts a Kerberos ticket cache parameter when connecting to an
hdfsFS. Because the number of different hdfsFS constructors was exploding
exponentially, I also added a builder system. libhdfs also now has a function
which can pull a configuration string from the HDFS Configuration object.
* the fuse_dfs part checks to see if Kerberos is configured (using
hdfsConfGet). If so, it uses the Kerberos ticket cache infrastructure
mentioned previously. There is also some code in fuse_dfs to locate the ticket
cache file for a particular UID.
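An added example, not part of this comment or of the HDFS-3568 patch: the ownership and permission checks a fuse_dfs-style daemon should apply to a per-UID ticket cache before handing its path to libhdfs. hdfsBuilderSetKerbTicketCachePath() is the real libhdfs builder call; find_ticket_cache, make_fake_cache and the base-directory parameter are constructed for this example, and the /tmp/krb5cc_<uid> layout is the MIT Kerberos default, not something the patch defines.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build the MIT Kerberos default credential-cache path for a UID
 * (<base_dir>/krb5cc_<uid>, the file kinit writes, normally in /tmp) and
 * accept it only if it is a regular file owned by that UID and closed to
 * group and others. A daemon runs this check before handing the path to
 * hdfsBuilderSetKerbTicketCachePath(): a missing file means the user never
 * ran kinit; a file owned by someone else must not serve this user. */
int find_ticket_cache(const char *base_dir, uid_t uid,
                      char *out_path, size_t out_len)
{
    struct stat st;
    int n = snprintf(out_path, out_len, "%s/krb5cc_%lu",
                     base_dir, (unsigned long)uid);
    if (n < 0 || (size_t)n >= out_len) return -1;    /* path truncated */
    if (lstat(out_path, &st) != 0) return -1;        /* no cache: not kinit'ed */
    if (!S_ISREG(st.st_mode)) return -1;             /* symlink or special file */
    if (st.st_uid != uid) return -1;                 /* owned by another user */
    if (st.st_mode & (S_IRWXG | S_IRWXO)) return -1; /* exposed to other users */
    return 0;                                        /* usable cache found */
}

/* Test helper (constructed, not a real ccache): create an empty file where
 * find_ticket_cache() looks, with the given mode. Never point it at /tmp. */
int make_fake_cache(const char *base_dir, uid_t uid, mode_t mode)
{
    char path[4096];
    int n = snprintf(path, sizeof path, "%s/krb5cc_%lu",
                     base_dir, (unsigned long)uid);
    if (n < 0 || (size_t)n >= sizeof path) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (fchmod(fd, mode) != 0) { close(fd); return -1; }
    return close(fd);
}

int main(void)
{
    char path[4096];
    if (find_ticket_cache("/tmp", getuid(), path, sizeof path) != 0)
        return 1;                             /* caller has not run kinit */
    printf("usable ticket cache: %s\n", path);
    return 0;
}
```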
> fuse_dfs: add support for security
> ----------------------------------
>
> Key: HDFS-3568
> URL: https://issues.apache.org/jira/browse/HDFS-3568
> Project: Hadoop HDFS
> Issue Type: Improvement
> Affects Versions: 1.0.0, 2.0.0-alpha
> Reporter: Colin Patrick McCabe
> Assignee: Colin Patrick McCabe
> Fix For: 1.1.0, 2.0.1-alpha
>
> Attachments: HDFS-3568.001.patch
>
>
> fuse_dfs should have support for Kerberos authentication. This would allow
> FUSE to be used in a secure cluster.