I am seeing a couple differences in my kerberos debug logs depending on if it is creating the ticket with the keytab or myself manually kiniting using the same keytab.
Kerberos Debug Log for `hadoop fs -ls /accumulo` after I manually `kinit -kt /opt/accumulo/conf/accumulo.keytab accumulo/accumulo.test.local`: Config name: /etc/krb5.conf >>>KinitOptions cache name is /tmp/krb5cc_0 >>>DEBUG <CCacheInputStream> client principal is accumulo/[email protected] >>>DEBUG <CCacheInputStream> server principal is krbtgt/[email protected] >>>DEBUG <CCacheInputStream> key type: 18 >>>DEBUG <CCacheInputStream> auth time: Thu Feb 27 12:40:33 PST 2014 >>>DEBUG <CCacheInputStream> start time: Thu Feb 27 12:40:33 PST 2014 >>>DEBUG <CCacheInputStream> end time: Thu Feb 27 12:45:33 PST 2014 >>>DEBUG <CCacheInputStream> renew_till time: Thu Feb 27 13:00:33 PST 2014 CCacheInputStream: readFlags() FORWARDABLE; RENEWABLE; INITIAL; Accumulo Kerberos Debug Log: Client Principal = accumulo/[email protected] Server Principal = hdfs/[email protected] Forwardable Ticket true Forwarded Ticket false Proxiable Ticket false Proxy Ticket false Postdated Ticket false Renewable Ticket false Initial Ticket false Auth Time = Thu Feb 27 12:43:22 PST 2014 Start Time = Thu Feb 27 12:43:25 PST 2014 End Time = Thu Feb 27 12:48:22 PST 2014 Renew Till = null Major differences to note are Server Principal, Renewable and Initial Flags, and the Renew Till values. Could this be the cause of my current issue? If so why would accumulo using the same keytab and principal get these different values? Thanks, Hokie
