Attila Doroszlai created HDDS-6742:
--------------------------------------
Summary: AddSCM call should be WRITE operation for audit
Key: HDDS-6742
URL: https://issues.apache.org/jira/browse/HDDS-6742
Project: Apache Ozone
Issue Type: Bug
Components: SCM
Reporter: Attila Doroszlai
Assignee: Attila Doroszlai
{{AddSCM}} operation is logged in audit as a "read" operation, which is by
default ignored. It should be "write", since it changes state.
{code:title=https://github.com/apache/ozone/blob/9f0766ecf1a38356db3eac0ef8a229114912d377/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java#L298-L323}
@Override
public boolean addSCM(AddSCMRequest request) throws IOException {
LOG.debug("Adding SCM {} addr {} cluster id {}",
request.getScmId(), request.getRatisAddr(), request.getClusterId());
Map<String, String> auditMap = Maps.newHashMap();
auditMap.put("scmId", String.valueOf(request.getScmId()));
auditMap.put("cluster", String.valueOf(request.getClusterId()));
auditMap.put("addr", String.valueOf(request.getRatisAddr()));
boolean auditSuccess = true;
try {
return scm.getScmHAManager().addSCM(request);
} catch (Exception ex) {
auditSuccess = false;
AUDIT.logReadFailure(
buildAuditMessageForFailure(SCMAction.ADD_SCM, auditMap, ex)
);
throw ex;
} finally {
if (auditSuccess) {
AUDIT.logReadSuccess(
buildAuditMessageForSuccess(SCMAction.ADD_SCM, auditMap)
);
}
}
}
{code}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
