[jira] [Commented] (HDFS-4295) Using port 1023 should be valid when starting Secure DataNode

Fri, 04 Jan 2013 18:50:14 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-4295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13544538#comment-13544538
 ] 

liuyang commented on HDFS-4295:
-------------------------------

The jsvc program is used to start the DataNode listening on low port numbers, 
but DataNode cannot be started while running as no root user.
The exception as follow:
  Initializing secure datanode resources
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at 
org.apache.commons.daemon.support.DaemonLoader.load(DaemonLoader.java:164)
Caused by: java.net.SocketException: Permission denied
        at sun.nio.ch.Net.bind(Native Method)
        at 
sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126)
        at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
        at 
org.apache.hadoop.hdfs.server.datanode.SecureDataNodeStarter.init(SecureDataNodeStarter.java:76)
        ... 5 more
Cannot load daemon

anything I missed? 
                
> Using port 1023 should be valid when starting Secure DataNode
> -------------------------------------------------------------
>
>                 Key: HDFS-4295
>                 URL: https://issues.apache.org/jira/browse/HDFS-4295
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.0.0-alpha
>            Reporter: Stephen Chu
>            Assignee: Stephen Chu
>              Labels: trivial
>             Fix For: 3.0.0, 2.0.3-alpha
>
>         Attachments: HDFS-4295.patch
>
>
> In SecureDataNodeStarter:
> {code}
> if ((ss.getLocalPort() >= 1023 || listener.getPort() >= 1023) &&
>         UserGroupInformation.isSecurityEnabled()) {
>       throw new RuntimeException("Cannot start secure datanode with 
> unprivileged ports");
> }
> {code}
> This prohibits using port 1023, but this should be okay because only root can 
> listen to ports below 1024.
> We can change the >= to >.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to