Michael Ho created KUDU-2579:
--------------------------------
Summary: Failure in GetLoggedInUser() may cause a RPC client to
fail negotiation
Key: KUDU-2579
URL: https://issues.apache.org/jira/browse/KUDU-2579
Project: Kudu
Issue Type: Bug
Components: rpc
Affects Versions: 1.7.1
Reporter: Michael Ho
{{GetLoggedInUser()}} may fail when calling {{getpwuid_r()}}:
{noformat}
Error calling getpwuid_r(): No such file or directory (error 2).
{noformat}
In which case, a newly created Proxy object may have an empty username in the
user credentials. That leads to an error during negotiation when using plain
text SASL. it seems more robust to fall back to some default user name when
{{GetLoggedInUser()}} fails.
{noformat}
Not authorized: Client connection negotiation failed: client connection to
127.0.0.1:27000: SASL(-1): generic failure: All-whitespace username.
{noformat}
Relevant code below:
{noformat}
Proxy::Proxy(std::shared_ptr<Messenger> messenger,
const Sockaddr& remote,
string hostname,
string service_name)
: service_name_(std::move(service_name)),
messenger_(std::move(messenger)),
is_started_(false) {
CHECK(messenger_ != nullptr);
DCHECK(!service_name_.empty()) << "Proxy service name must not be blank";
// By default, we set the real user to the currently logged-in user.
// Effective user and password remain blank.
string real_user; <<----- "empty"
Status s = GetLoggedInUser(&real_user);
if (!s.ok()) {
LOG(WARNING) << "Proxy for " << service_name_ << ": Unable to get logged-in
user name: "
<< s.ToString() << " before connecting to remote: " <<
remote.ToString();
}
UserCredentials creds;
creds.set_real_user(std::move(real_user));
conn_id_ = ConnectionId(remote, std::move(hostname), std::move(creds));
}
{noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
