[jira] [Updated] (HDDS-6742) Audit operation category mismatch

Attila Doroszlai (Jira) Mon, 16 May 2022 05:16:05 -0700


     [ 
https://issues.apache.org/jira/browse/HDDS-6742?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Attila Doroszlai updated HDDS-6742:
-----------------------------------
    Fix Version/s: 1.3.0
       Resolution: Fixed
           Status: Resolved  (was: Patch Available)

> Audit operation category mismatch
> ---------------------------------
>
>                 Key: HDDS-6742
>                 URL: https://issues.apache.org/jira/browse/HDDS-6742
>             Project: Apache Ozone
>          Issue Type: Bug
>          Components: SCM
>            Reporter: Attila Doroszlai
>            Assignee: Attila Doroszlai
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 1.3.0
>
>
> {{AddSCM}} operation is logged in audit as a "read" operation, which is by 
> default ignored.  It should be "write", since it changes state.
> {code:title=https://github.com/apache/ozone/blob/9f0766ecf1a38356db3eac0ef8a229114912d377/hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMBlockProtocolServer.java#L298-L323}
>   @Override
>   public boolean addSCM(AddSCMRequest request) throws IOException {
>     LOG.debug("Adding SCM {} addr {} cluster id {}",
>         request.getScmId(), request.getRatisAddr(), request.getClusterId());
>     Map<String, String> auditMap = Maps.newHashMap();
>     auditMap.put("scmId", String.valueOf(request.getScmId()));
>     auditMap.put("cluster", String.valueOf(request.getClusterId()));
>     auditMap.put("addr", String.valueOf(request.getRatisAddr()));
>     boolean auditSuccess = true;
>     try {
>       return scm.getScmHAManager().addSCM(request);
>     } catch (Exception ex) {
>       auditSuccess = false;
>       AUDIT.logReadFailure(
>           buildAuditMessageForFailure(SCMAction.ADD_SCM, auditMap, ex)
>       );
>       throw ex;
>     } finally {
>       if (auditSuccess) {
>         AUDIT.logReadSuccess(
>             buildAuditMessageForSuccess(SCMAction.ADD_SCM, auditMap)
>         );
>       }
>     }
>   }
> {code}
> There are a few more examples both ways (read should be write or write should 
> be read).



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HDDS-6742) Audit operation category mismatch

Reply via email to