[
https://issues.apache.org/jira/browse/DRILL-8352?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Turton updated DRILL-8352:
--------------------------------
Issue Type: Bug (was: Improvement)
> Log noise when attempting to look up Unix user groups for a non-existent user
> -----------------------------------------------------------------------------
>
> Key: DRILL-8352
> URL: https://issues.apache.org/jira/browse/DRILL-8352
> Project: Apache Drill
> Issue Type: Bug
> Components: Security
> Affects Versions: 1.20.2
> Reporter: James Turton
> Assignee: James Turton
> Priority: Minor
>
> With Vault authn configured, with the consequence that Drill's users are not
> known to the local OS, messages such as the following are logged by the
> Hadoop libs used by Drill.
> {code:java}
> 09:33:30.805 [qtp2108455110-42] WARN o.a.h.s.ShellBasedUnixGroupsMapping -
> unable to return groups for user user-1-1
> org.apache.hadoop.security.ShellBasedUnixGroupsMapping$PartialGroupNameException:
> The user name 'user-1-1' is not found. id: user-1-1: no such user
> id: user-1-1: no such user
> at
> org.apache.hadoop.security.ShellBasedUnixGroupsMapping.resolvePartialGroupNames(ShellBasedUnixGroupsMapping.java:294)
> at
> org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getUnixGroups(ShellBasedUnixGroupsMapping.java:207)
> at
> org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getGroups(ShellBasedUnixGroupsMapping.java:97)
> at
> org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback.getGroups(JniBasedUnixGroupsMappingWithFallback.java:51)
> at
> org.apache.hadoop.security.Groups$GroupCacheLoader.fetchGroupList(Groups.java:387)
> at org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:321)
> at org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:270)
> at
> com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3529)
> at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2278)
> at
> com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2155)
> at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2045)
> at com.google.common.cache.LocalCache.get(LocalCache.java:3962)
> at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3985)
> at
> com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4946)
> at org.apache.hadoop.security.Groups.getGroups(Groups.java:228)
> at
> org.apache.hadoop.security.UserGroupInformation.getGroups(UserGroupInformation.java:1620)
> at
> org.apache.hadoop.security.UserGroupInformation.getGroupNames(UserGroupInformation.java:1608)
> at
> org.apache.drill.exec.util.ImpersonationUtil.hasAdminPrivileges(ImpersonationUtil.java:244)
> at
> org.apache.drill.exec.server.rest.auth.DrillRestLoginService.login(DrillRestLoginService.java:85)
> at
> org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:67)
> at
> org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:89)
> at
> org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:66)
> at org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1715)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at
> java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
