[jira] Updated: (HADOOP-6951) Distinct minicluster services (e.g. NN and JT) overwrite each other's service policies

Aaron T. Myers (JIRA) Tue, 14 Sep 2010 18:24:15 -0700

     [ 
https://issues.apache.org/jira/browse/HADOOP-6951?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Aaron T. Myers updated HADOOP-6951:
-----------------------------------

           Status: Patch Available  (was: Open)
    Fix Version/s: 0.22.0

> Distinct minicluster services (e.g. NN and JT) overwrite each other's service 
> policies
> --------------------------------------------------------------------------------------
>
>                 Key: HADOOP-6951
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6951
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Aaron T. Myers
>            Assignee: Aaron T. Myers
>             Fix For: 0.22.0
>
>         Attachments: hadoop-6951.txt.0
>
>
> Because the protocol -> ACL mapping in ServiceAuthorizationManager is static, 
> services which are run in the same JVM have the potential to clobber the 
> other's service authorization ACLs whenever 
> ServiceAuthorizationManager.refresh() is called. This causes authorization 
> failures if one tries to launch a 2NN connected to a minicluster with 
> hadoop.security.authorization enabled. Seems like each service should have 
> its own instance of a ServiceAuthorizationManager, instead of using static 
> methods.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (HADOOP-6951) Distinct minicluster services (e.g. NN and JT) overwrite each other's service policies

Reply via email to