[
https://issues.apache.org/jira/browse/TRAFODION-2562?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15948174#comment-15948174
]
Hans Zeller edited comment on TRAFODION-2562 at 3/30/17 12:55 AM:
------------------------------------------------------------------
Maybe we need more subtasks, but here is a list of things we probably will need:
* The installer should create at least 1 such id initially. This is the easiest
place, since the installer has the needed privileges to create user ids on all
nodes of the cluster. Ideally we would allow a list of ids as installer options.
* We need to keep track of these ids in the metadata.
* A library should be associated - optionally - with such an id. My proposal
would be that we do this at the library level, not at the UDR level.
* We need DDL commands to create such an id, or at least a DDL command to
register a Linux user id as an isolated user id. Also a command to unregister
the id (may have to drop the Linux id separately).
* For each isolated user id we may need a copy of the tdm_udrserv executable
owned by that id, with the setuid flag set, so that when the Trafodion engine
starts this program it runs under the correct id.
was (Author: hzeller):
Maybe we need more subtasks, but here is a list of things we probably will need:
* The installer should create at least 1 such id initially. This is the easiest
place, since the installer has the needed privileges to create user ids on all
nodes of the cluster. Ideally we would allow a list of ids as installer options.
* We need to keep track of these ids in the metadata.
* A library should be associated - optionally - with such an id. My proposal
would be that we do this at the library level, not at the UDR level.
* We need DDL commands to create such an id, or at least a DDL command to
register a Linux user id as an isolated user id. Also a command to unregister
the id (may have to drop the Linux id separately).
> User ids for isolated UDRs
> --------------------------
>
> Key: TRAFODION-2562
> URL: https://issues.apache.org/jira/browse/TRAFODION-2562
> Project: Apache Trafodion
> Issue Type: Sub-task
> Components: sql-cmu
> Affects Versions: 2.0-incubating
> Reporter: Hans Zeller
>
> In order to implement "isolated" UDRs, we need to have a user id for the
> tdm_udrserv process that executes UDRs. Right now this process runs under the
> same user id as the Trafodion engine, which means that the system
> administrator has to trust the UDR writer to a great degree. Running UDRs
> with a user id that has no access to HBase and HDFS and to the internal
> resources of the Trafodion engine would reduce the required trust by a great
> deal.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
