Ranadip created HADOOP-11479:
--------------------------------
Summary: hdfs crypto -createZone fails to impersonate the real
user in a kerberised environment
Key: HADOOP-11479
URL: https://issues.apache.org/jira/browse/HADOOP-11479
Project: Hadoop Common
Issue Type: Bug
Affects Versions: 2.6.0
Environment: CentOS
Reporter: Ranadip
Priority: Blocker
The problem occurs when KMS key level acl is created for the key before the
encryption zone is created. The command tried to create the encryption zone
using "hdfs" user's identity and not the real user's identity.
Steps:
In a kerberised environment:
1. Create key level ACL in KMS for a new key.
2. Create encryption key now. (Goes through fine)
3. Create encryption zone. (Fails)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
