[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Hudson (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15608654#comment-15608654
 ] 

Hudson commented on HDFS-11053:
---

SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #10686 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/10686/])
HDFS-11053. Unnecessary superuser check in versionRequest(). Contributed 
(kihwal: rev e90af4a89ba2741aeca20ead47699587b14f0de8)
* (edit) 
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNodeRpcServer.java


> Unnecessary superuser check in versionRequest()
> ---
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: namenode, security
>Reporter: Kihwal Lee
>Assignee: Kihwal Lee
> Fix For: 2.7.4, 3.0.0-alpha2
>
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information.  It 
> is mainly used for sanity checks.   The presence of 
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs 
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the 
> intruder to gain hdfs superuser privilege.  We should allow datanodes to be 
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from 
> {{versionRequest()}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Brahma Reddy Battula (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15608553#comment-15608553
 ] 

Brahma Reddy Battula commented on HDFS-11053:
-

Nice Catch,me too +1.

> Unnecessary superuser check in versionRequest()
> ---
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: namenode, security
>Reporter: Kihwal Lee
>Assignee: Kihwal Lee
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information.  It 
> is mainly used for sanity checks.   The presence of 
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs 
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the 
> intruder to gain hdfs superuser privilege.  We should allow datanodes to be 
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from 
> {{versionRequest()}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Daryn Sharp (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15608543#comment-15608543
 ] 

Daryn Sharp commented on HDFS-11053:


+1 Good change for secure setups.  I checked the jira that added the line and 
it appeared to just be a blanket change to a protocol interface, not 
necessarily intended.

> Unnecessary superuser check in versionRequest()
> ---
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: namenode, security
>Reporter: Kihwal Lee
>Assignee: Kihwal Lee
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information.  It 
> is mainly used for sanity checks.   The presence of 
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs 
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the 
> intruder to gain hdfs superuser privilege.  We should allow datanodes to be 
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from 
> {{versionRequest()}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Kihwal Lee (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15608530#comment-15608530
 ] 

Kihwal Lee commented on HDFS-11053:
---

Ran three times. They all pass.
{noformat}
---
 T E S T S
---
Running org.apache.hadoop.hdfs.server.datanode.TestHSync
Tests run: 5, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 14.18 sec - in 
org.apache.hadoop.hdfs.server.datanode.TestHSync
Running org.apache.hadoop.hdfs.server.datanode.TestBlockScanner
Tests run: 13, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 62.069 sec - 
in org.apache.hadoop.hdfs.server.datanode.TestBlockScanner
Running 
org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestSpaceReservation
Tests run: 10, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 90.937 sec - 
in org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestSpaceReservation
Running org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestLazyWriter
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 112.881 sec - 
in org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestLazyWriter
Running org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestWriteToReplica
Tests run: 5, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 12.629 sec - in 
org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestWriteToReplica
Running org.apache.hadoop.hdfs.server.datanode.TestDataNodeErasureCodingMetrics
Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 12.712 sec - in 
org.apache.hadoop.hdfs.server.datanode.TestDataNodeErasureCodingMetrics
Running org.apache.hadoop.hdfs.server.namenode.TestAddStripedBlockInFBR
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 8.412 sec - in 
org.apache.hadoop.hdfs.server.namenode.TestAddStripedBlockInFBR
Running org.apache.hadoop.cli.TestAclCLIWithPosixAclInheritance
Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 5.635 sec - in 
org.apache.hadoop.cli.TestAclCLIWithPosixAclInheritance

Results :

Tests run: 44, Failures: 0, Errors: 0, Skipped: 0
{noformat}

> Unnecessary superuser check in versionRequest()
> ---
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: namenode, security
>Reporter: Kihwal Lee
>Assignee: Kihwal Lee
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information.  It 
> is mainly used for sanity checks.   The presence of 
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs 
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the 
> intruder to gain hdfs superuser privilege.  We should allow datanodes to be 
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from 
> {{versionRequest()}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Hadoop QA (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15606571#comment-15606571
 ] 

Hadoop QA commented on HDFS-11053:
--

| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:blue}0{color} | {color:blue} reexec {color} | {color:blue}  0m 
14s{color} | {color:blue} Docker mode activated. {color} |
| {color:green}+1{color} | {color:green} @author {color} | {color:green}  0m  
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:red}-1{color} | {color:red} test4tests {color} | {color:red}  0m  
0s{color} | {color:red} The patch doesn't appear to include any new or modified 
tests. Please justify why no new tests are needed for this patch. Also please 
list what manual steps were performed to verify this patch. {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green}  6m 
58s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green}  0m 
44s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green}  0m 
26s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} mvnsite {color} | {color:green}  0m 
52s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green}  0m 
12s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green}  1m 
41s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green}  0m 
37s{color} | {color:green} trunk passed {color} |
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green}  0m 
43s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green}  0m 
41s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green}  0m 
41s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} checkstyle {color} | {color:green}  0m 
23s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvnsite {color} | {color:green}  0m 
48s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} mvneclipse {color} | {color:green}  0m 
 9s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green}  0m 
 0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} findbugs {color} | {color:green}  1m 
47s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green}  0m 
35s{color} | {color:green} the patch passed {color} |
| {color:red}-1{color} | {color:red} unit {color} | {color:red} 48m 23s{color} 
| {color:red} hadoop-hdfs in the patch failed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green}  0m 
20s{color} | {color:green} The patch does not generate ASF License warnings. 
{color} |
| {color:black}{color} | {color:black} {color} | {color:black} 66m 42s{color} | 
{color:black} {color} |
\\
\\
|| Reason || Tests ||
| Failed junit tests | hadoop.hdfs.server.namenode.TestAddStripedBlockInFBR |
| Timed out junit tests | org.apache.hadoop.hdfs.server.datanode.TestHSync |
|   | org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestLazyWriter |
|   | org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestWriteToReplica |
|   | 
org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.TestSpaceReservation |
|   | org.apache.hadoop.hdfs.server.datanode.TestBlockScanner |
|   | org.apache.hadoop.hdfs.server.datanode.TestDataNodeErasureCodingMetrics |
|   | org.apache.hadoop.cli.TestAclCLIWithPosixAclInheritance |
\\
\\
|| Subsystem || Report/Notes ||
| Docker |  Image:yetus/hadoop:9560f25 |
| JIRA Issue | HDFS-11053 |
| JIRA Patch URL | 
https://issues.apache.org/jira/secure/attachment/12835197/HDFS-11053.patch |
| Optional Tests |  asflicense  compile  javac  javadoc  mvninstall  mvnsite  
unit  findbugs  checkstyle  |
| uname | Linux d876a6677491 3.13.0-92-generic #139-Ubuntu SMP Tue Jun 28 
20:42:26 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | /testptch/hadoop/patchprocess/precommit/personality/provided.sh 
|
| git revision | trunk / de6faae |
| Default Java | 1.8.0_101 |
| findbugs | v3.0.0 |
| unit | 
https://builds.apache.org/job/PreCommit-HDFS-Build/17280/artifact/patchprocess/patch-unit-hadoop-hdfs-project_hadoop-hdfs.txt
 |
|  Test Results | 
https://builds.apache.org/job/PreCommit-HDFS-Build/17280/testReport/ |
| modules | C: hadoop-hdfs-project/hadoop-hdfs U: 

[jira] [Commented] (HDFS-11053) Unnecessary superuser check in versionRequest()

[Kihwal Lee (JIRA)]

[ 
https://issues.apache.org/jira/browse/HDFS-11053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15606527#comment-15606527
 ] 

Kihwal Lee commented on HDFS-11053:
---

The check was added in the process of fixing HDFS-2264.

> Unnecessary superuser check in versionRequest()
> ---
>
> Key: HDFS-11053
> URL: https://issues.apache.org/jira/browse/HDFS-11053
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: namenode, security
>Reporter: Kihwal Lee
>Assignee: Kihwal Lee
> Attachments: HDFS-11053.patch
>
>
> The {{versionRequest()}} call does not return any sensitive information.  It 
> is mainly used for sanity checks.   The presence of 
> {{checkSuperuserPrivilege()}} forces users to run datanode as a hdfs 
> superuser.
> In secure setup, a keytab obtained from a compromised datanode can allow the 
> intruder to gain hdfs superuser privilege.  We should allow datanodes to be 
> run as non-hdfs-superuser by removing {{checkSuperuserPrivilege()}} from 
> {{versionRequest()}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

-
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org