[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16860463#comment-16860463 ] Hudson commented on HDFS-14234: --- SUCCESS: Integrated in Jenkins build Hadoop-trunk-Commit #16716 (See [https://builds.apache.org/job/Hadoop-trunk-Commit/16716/]) HDFS-14234. Limit WebHDFS to specifc user, host, directory triples. (aengineer: rev 101d5b5f865f94e4772051ea8ce4ee0f92ddedca) * (add) hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/common/TestHostRestrictingAuthorizationFilter.java * (add) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/web/package-info.java * (edit) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/web/DatanodeHttpServer.java * (edit) hadoop-hdfs-project/hadoop-hdfs/src/site/markdown/WebHDFS.md * (edit) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java * (edit) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/web/RestCsrfPreventionFilterHandler.java * (edit) hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml * (add) hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/datanode/web/TestHostRestrictingAuthorizationFilterHandler.java * (edit) hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/web/TestWebHdfsWithRestCsrfPreventionFilter.java * (add) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/common/HostRestrictingAuthorizationFilter.java * (add) hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/datanode/web/HostRestrictingAuthorizationFilterHandler.java > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Fix For: 3.3.0 > > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0007-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, changes.diff > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16860454#comment-16860454 ] Anu Engineer commented on HDFS-14234: - [~clayb] Thank you for the contribution. I have committed this patch to the trunk. While committing I took liberty to fix a findbugs issue, some checkstyle and a java doc issue. I have attached the changes I made to this Jira . > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0007-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16841776#comment-16841776 ] Anu Engineer commented on HDFS-14234: - Probably an issue with the Jenkins machines. Some times that can be quite slow. I will take a look at this patch soon. Thanks > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0007-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16841617#comment-16841617 ] Clay B. commented on HDFS-14234: I do not see TestWebHdfsTimeouts failing on my laptop. I do see Jenkins says: {\{Expected to find 'localhost:42528: connect timed out' but got unexpected exception: java.net.SocketTimeoutException: localhost:42528: Read timed out}}. I am not sure how I could have affected this test? > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0007-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16839950#comment-16839950 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 13s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 18m 34s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 58s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 7s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 15s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 2m 23s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 58s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m 14s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 6s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 1m 6s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 46s{color} | {color:orange} hadoop-hdfs-project/hadoop-hdfs: The patch generated 45 new + 445 unchanged - 30 fixed = 490 total (was 475) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 5s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} xml {color} | {color:green} 0m 1s{color} | {color:green} The patch has no ill-formed XML file. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 30s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 19s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 1 new + 0 unchanged - 0 fixed = 1 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 48s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 79m 50s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 31s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}138m 18s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Nullcheck of query at line 246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:[line 246] | | Failed junit tests | hadoop.hdfs.web.TestWebHdfsTimeouts | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:bdbca0e | | JIRA Issue | HDFS-14234 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12968726/0007-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch | | Optional Tests | dupname asflicense compile javac javadoc mvninstall mvnsite unit
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16839889#comment-16839889 ] Clay B. commented on HDFS-14234: Oops, I kept missing that I was failing the test \{{org.apache.hadoop.tools.TestHdfsConfigFields}}; it has been politely telling me to do something with {{hdfs-default.xml}}. Otherwise, I'm not sure what the checkstyle failure is trying to tell me. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838912#comment-16838912 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 37s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 20m 8s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 4s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 10s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 30s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 2m 3s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 51s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m 12s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 10s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 1m 10s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 51s{color} | {color:orange} hadoop-hdfs-project/hadoop-hdfs: The patch generated 45 new + 445 unchanged - 31 fixed = 490 total (was 476) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 15s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 14m 5s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 26s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 1 new + 0 unchanged - 0 fixed = 1 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 56s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red}114m 53s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 33s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}177m 38s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Nullcheck of query at line 246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:[line 246] | | Failed junit tests | hadoop.tools.TestHdfsConfigFields | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:bdbca0e | | JIRA Issue | HDFS-14234 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12968601/0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch | | Optional Tests | dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient findbugs checkstyle | | uname | Linux 18ade9ce813f 3.13.0-153-generic #203-Ubuntu SMP Thu Jun 14 08:52:28 UTC 2018 x86_64 x86_64 x86_64
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838830#comment-16838830 ] Clay B. commented on HDFS-14234: Try again removing white space and correcting {{DatanodeHttpServer.java}} again for \{{hadoop.hdfs.web.TestWebHdfsWithRestCsrfPreventionFilter}} as {{CsrfPreventionFilterHandler}} is a protected class. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0006-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838426#comment-16838426 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 26s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 19m 53s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 58s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 5s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 14s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 57s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 50s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 58s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 55s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 55s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 43s{color} | {color:orange} hadoop-hdfs-project/hadoop-hdfs: The patch generated 45 new + 445 unchanged - 31 fixed = 490 total (was 476) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 0s{color} | {color:green} the patch passed {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch has 2 line(s) that end in whitespace. Use git apply --whitespace=fix <>. Refer https://git-scm.com/docs/git-apply {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 27s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 3s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 1 new + 0 unchanged - 0 fixed = 1 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 47s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 99m 45s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 35s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}158m 18s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Nullcheck of query at line 246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:246 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:[line 246] | | Failed junit tests | hadoop.hdfs.tools.TestDFSZKFailoverController | | | hadoop.tools.TestHdfsConfigFields | | | hadoop.hdfs.web.TestWebHdfsWithRestCsrfPreventionFilter | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:bdbca0e | | JIRA Issue | HDFS-14234 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12968524/0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch | | Optional Tests | dupname asflicense compile javac
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838321#comment-16838321 ] Clay B. commented on HDFS-14234: Oops, 0005 fixes more checkstyle, the broken test and at least one find bug as well as adding a small bit of documentation. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0005-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838222#comment-16838222 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 32s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 18m 25s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 58s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 47s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 6s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 23s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 55s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 50s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 58s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 56s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 56s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 45s{color} | {color:orange} hadoop-hdfs-project/hadoop-hdfs: The patch generated 46 new + 445 unchanged - 31 fixed = 491 total (was 476) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 0m 59s{color} | {color:green} the patch passed {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch has 2 line(s) that end in whitespace. Use git apply --whitespace=fix <>. Refer https://git-scm.com/docs/git-apply {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 36s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 5s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 2 new + 0 unchanged - 0 fixed = 2 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 46s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 97m 15s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 34s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}154m 41s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Nullcheck of query at line 247 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:247 of value previously dereferenced in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.handleInteraction(HostRestrictingAuthorizationFilter$HttpInteraction) At HostRestrictingAuthorizationFilter.java:[line 247] | | | Redundant nullcheck of initializeState, which is known to be non-null in org.apache.hadoop.hdfs.server.datanode.web.DatanodeHttpServer.getFilterHandlers(Configuration) Redundant null check at DatanodeHttpServer.java:is known to be non-null in org.apache.hadoop.hdfs.server.datanode.web.DatanodeHttpServer.getFilterHandlers(Configuration) Redundant null check at DatanodeHttpServer.java:[line 273] | | Failed junit tests | hadoop.hdfs.tools.TestDFSZKFailoverController | | |
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16838196#comment-16838196 ] Clay B. commented on HDFS-14234: Thanks for the heads-up about checkstyle [~anu]! I hadn't realized one could run {{mvn checkstyle:checkstyle}} I fixed up the checkstyle issues which I introduced and a few others, if okay. I have added a test to verify that a NPE is not thrown for queries with no operation. Also I added code to avoid throwing an NPE if the CSRF prevention filter is disabled but still loaded (as it is the default filter). > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0004-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16814961#comment-16814961 ] Anu Engineer commented on HDFS-14234: - [~clayb] the patch looks quite good, here are some very minor comments. 1. DatanodeHTTPserver.java, there are some minor checkstyle fixes needed. 2. The changes in hadoop-env.sh are accidental? 3. For production purposes, we should remove the log4j.properties settings for web handlers? 4. I am not sure if this is possible in real life, but from the test case, it is possible to trigger a NullPointerException. ?? ?? ?? httpRequest =?? ?? new DefaultFullHttpRequest(HttpVersion.HTTP_1_1,?? ?? HttpMethod.GET,?? ?? WebHdfsFileSystem.PATH_PREFIX + "/user/myName/fooFile");?? If we send a request without a query portion then it looks like the \{{HostRestrictingAuthorizationFilter.handleInteraction}} will throw a null pointer java.lang.NullPointerException > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16814911#comment-16814911 ] Anu Engineer commented on HDFS-14234: - Hi [~clayb] , I have looked at the patch, and I think it would be good to be able to load the RestCsrfPreventionFilterHandler to preserve the existing behavior. I will add my review comments in a while. Thanks Anu > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16811438#comment-16811438 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 19s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m 14s{color} | {color:blue} Maven dependency ordering for branch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 17m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 15m 38s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 3m 8s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 2m 29s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 10m 58s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 4m 35s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 1m 59s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 25s{color} | {color:blue} Maven dependency ordering for patch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m 51s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 16m 12s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 16m 12s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 3m 19s{color} | {color:orange} root: The patch generated 210 new + 463 unchanged - 3 fixed = 673 total (was 466) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 2m 37s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} shellcheck {color} | {color:green} 0m 0s{color} | {color:green} There were no new shellcheck issues. {color} | | {color:green}+1{color} | {color:green} shelldocs {color} | {color:green} 0m 29s{color} | {color:green} There were no new shelldocs issues. {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch has 8 line(s) that end in whitespace. Use git apply --whitespace=fix <>. Refer https://git-scm.com/docs/git-apply {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch 68 line(s) with tabs. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 10m 24s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 27s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 2 new + 0 unchanged - 0 fixed = 2 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 22s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 10m 16s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:red}-1{color} | {color:red} unit {color} | {color:red}104m 4s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 53s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}219m 33s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Redundant nullcheck of userRules, which is known to be non-null in
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16811253#comment-16811253 ] Anu Engineer commented on HDFS-14234: - bq. should I write support for dfs.webhdsf.rest-csrf.enabled to still load the RestCsrfPreventionFilterHandler to preserve existing behavior and not allow one to pick where in the filter chain the CsrfPreventionFilter gets loaded? I have not looked at the patch yet, but if we have a way of loading the csrf filter and during an upgrade it is not broken, I think we are good to go. The exact order does not matter for CSRF, IMHO. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16811248#comment-16811248 ] Clay B. commented on HDFS-14234: [~anu] Thanks for the advice so far! This patch seems good on the garbage collection front and still allows loading of the CSRF prevention filter through the same {{hadoop.datanode.filter.handler}} parameter one can use for other filters. One question though, should I write support for {{dfs.webhdsf.rest-csrf.enabled}} to still load the {{RestCsrfPreventionFilterHandler}} to preserve existing behavior and not allow one to pick where in the filter chain the CsrfPreventionFilter gets loaded? > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0003-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16796345#comment-16796345 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 32s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 3 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 1m 38s{color} | {color:blue} Maven dependency ordering for branch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 22m 9s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 24m 7s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 3m 48s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 2m 41s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 12m 7s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 3m 57s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 11s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:blue}0{color} | {color:blue} mvndep {color} | {color:blue} 0m 24s{color} | {color:blue} Maven dependency ordering for patch {color} | | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m 56s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 16m 11s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 16m 11s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 3m 43s{color} | {color:orange} root: The patch generated 271 new + 462 unchanged - 4 fixed = 733 total (was 466) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 2m 46s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} shellcheck {color} | {color:green} 0m 0s{color} | {color:green} There were no new shellcheck issues. {color} | | {color:green}+1{color} | {color:green} shelldocs {color} | {color:green} 0m 31s{color} | {color:green} There were no new shelldocs issues. {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch has 17 line(s) that end in whitespace. Use git apply --whitespace=fix <>. Refer https://git-scm.com/docs/git-apply {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch 73 line(s) with tabs. {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 11m 45s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 28s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 2 new + 0 unchanged - 0 fixed = 2 total (was 0) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m 27s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 12m 21s{color} | {color:green} hadoop-common in the patch passed. {color} | | {color:red}-1{color} | {color:red} unit {color} | {color:red}123m 56s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 1m 43s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}259m 21s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Nullcheck of query at line 237 of value previously dereferenced in
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16796165#comment-16796165 ] Clay B. commented on HDFS-14234: The patch 002 works for me with an hdfs-site containing: {code:java} dfs.webhdfs.rest-csrf.enabled true hadoop.datanode.filter.handlers org.apache.hadoop.hdfs.server.datanode.web.RestCsrfPreventionFilterHandler,org.apache.hadoop.hdfs.server.datanode.web.HostRestrictingAuthorizationFilterHandler {code} I'm doing some performance analysis now to see about how much garbage is being created in the HostRestrictingAuthorizationFilter. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Clay B. >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch, > 0002-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16757647#comment-16757647 ] Anu Engineer commented on HDFS-14234: - Hi [~clayb], Thanks for the patch. It looks pretty good. I think this is a good approach, especially I like the extension where more filters can be added more easily. I have code reviewed this as if this a real patch. I have some minor comments. *DatanodeHttpServer.java:384: *1. nit: Developer Comment? Remove? XXX Clay how do we want to handle this for generic users? *HostingRestrictingAuthorization.java* 2. Remove unused imports. 3. Line 152: Unused variable, overrideConfigs 4. Line 160: Clean up some args in the new 5. Line 165: Should we make this a WARN instead of debug. If the user wrote a rule wrong, at least we will see a warn. In the current patch, we ignore it silently. 6. Don't understand the use case, but I am going to assume that "// Map is {"user": [subnet, path]} " means that user is some user in Kerberos/Directory and user can also be groupgit s. *HostRestrictingAuthorizationFilterHandler.java* 1. Unused imports. 2. Nit: Remove XXX in line 194 3. Line:103 Java Doc is wrong. *TestHostRestrictingAuthorizationFilter.java* 1. Remove Unused Imports. * TestHostRestrictingAuthorizationFilterHandler.java* 1. Remove unused imports. 2. This file looks incomplete, care to fix or remove from this patch. > Limit WebHDFS to specifc user, host, directory triples > -- > > Key: HDFS-14234 > URL: https://issues.apache.org/jira/browse/HDFS-14234 > Project: Hadoop HDFS > Issue Type: New Feature > Components: webhdfs >Reporter: Clay B. >Assignee: Anu Engineer >Priority: Trivial > Attachments: > 0001-HDFS-14234.-Limit-WebHDFS-to-specifc-user-host-direc.patch > > > For those who have multiple network zones, it is useful to prevent certain > zones from downloading data from WebHDFS while still allowing uploads. This > can enable functionality of HDFS as a dropbox for data - data goes in but can > not be pulled back out. (Motivation further presented in [StrangeLoop 2018 Of > Data Dropboxes and Data > Gloveboxes|https://www.thestrangeloop.com/2018/of-data-dropboxes-and-data-gloveboxes.html]). > Ideally, one could limit the datanodes from returning data via an > [{{OPEN}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Open_and_Read_a_File] > but still allow things such as > [{{GETFILECHECKSUM}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Get_File_Checksum] > and > {{[{{CREATE}}|https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/WebHDFS.html#Create_and_Write_to_a_File]}}. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Commented] (HDFS-14234) Limit WebHDFS to specifc user, host, directory triples
[ https://issues.apache.org/jira/browse/HDFS-14234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16755620#comment-16755620 ] Hadoop QA commented on HDFS-14234: -- | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m 12s{color} | {color:blue} Docker mode activated. {color} | || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 0s{color} | {color:green} The patch appears to include 2 new or modified test files. {color} | || || || || {color:brown} trunk Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 21m 15s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 1s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 53s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 5s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 47s{color} | {color:green} branch has no errors when building and testing our client artifacts. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 2m 8s{color} | {color:green} trunk passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 49s{color} | {color:green} trunk passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 1m 4s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 1m 0s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 1m 0s{color} | {color:green} the patch passed {color} | | {color:orange}-0{color} | {color:orange} checkstyle {color} | {color:orange} 0m 50s{color} | {color:orange} hadoop-hdfs-project/hadoop-hdfs: The patch generated 144 new + 16 unchanged - 1 fixed = 160 total (was 17) {color} | | {color:green}+1{color} | {color:green} mvnsite {color} | {color:green} 1m 4s{color} | {color:green} the patch passed {color} | | {color:red}-1{color} | {color:red} whitespace {color} | {color:red} 0m 0s{color} | {color:red} The patch has 2 line(s) that end in whitespace. Use git apply --whitespace=fix <>. Refer https://git-scm.com/docs/git-apply {color} | | {color:green}+1{color} | {color:green} shadedclient {color} | {color:green} 13m 8s{color} | {color:green} patch has no errors when building and testing our client artifacts. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 2m 30s{color} | {color:red} hadoop-hdfs-project/hadoop-hdfs generated 2 new + 0 unchanged - 0 fixed = 2 total (was 0) {color} | | {color:red}-1{color} | {color:red} javadoc {color} | {color:red} 0m 47s{color} | {color:red} hadoop-hdfs-project_hadoop-hdfs generated 5 new + 0 unchanged - 0 fixed = 5 total (was 0) {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 86m 22s{color} | {color:red} hadoop-hdfs in the patch failed. {color} | | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 35s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black}148m 7s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:hadoop-hdfs-project/hadoop-hdfs | | | Dead store to overrideConfigs in org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.init(FilterConfig) At HostRestrictingAuthorizationFilter.java:org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter.init(FilterConfig) At HostRestrictingAuthorizationFilter.java:[line 152] | | | Should org.apache.hadoop.hdfs.server.common.HostRestrictingAuthorizationFilter$Rule be a _static_ inner class? At HostRestrictingAuthorizationFilter.java:inner class? At HostRestrictingAuthorizationFilter.java:[lines 75-85] | | Failed junit tests | hadoop.hdfs.web.TestWebHdfsTimeouts | | | hadoop.hdfs.server.datanode.web.TestHostRestrictingAuthorizationFilterHandler | | | hadoop.hdfs.server.namenode.ha.TestDFSUpgradeWithHA | \\ \\ || Subsystem || Report/Notes || | Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hadoop:8f97d6f | | JIRA Issue | HDFS-14234 | | JIRA Patch URL |