[ https://issues.apache.org/jira/browse/HADOOP-13040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15250985#comment-15250985 ]
Xiaoyu Yao commented on HADOOP-13040: ------------------------------------- Thanks [~aw]! This seems like a limitation of the org.apache.hadoop.conf.Configuration class. It requires the configuration key in either core-site.xml or hdfs-site.xml before the system property passed via HADOOP_NAMENODE_OPTS can be honored. That's why the work around works. Otherwise, the default will be returned for Configuration#get() as show below. Here is my test with only {{export HADOOP_NAMENODE_OPTS="-Dhadoop.security.group.mapping.ldap.bind.password.file=CUSTOMERFILELOCATION" }} {code} 6/04/20 16:58:20 INFO namenode.NameNode: hadoop.security.group.mapping.ldap.bind.password.file (from Configuration#get) = Default.bind.password.file 16/04/20 16:58:20 INFO namenode.NameNode: hadoop.security.group.mapping.ldap.bind.password.file (from System#getProperty) = CUSTOMERFILELOCATION {code} > HADOOP_NAMENODE_OPTS does not pass -DconfigKey=Value to namenode as parameter > ------------------------------------------------------------------------------ > > Key: HADOOP-13040 > URL: https://issues.apache.org/jira/browse/HADOOP-13040 > Project: Hadoop Common > Issue Type: Bug > Components: scripts > Reporter: Xiaoyu Yao > Assignee: Xiaoyu Yao > > We want to hide the ldap bind password file path from core-site.xml by > setting the following in hadoop-env.sh only. > export HADOOP_NAMENODE_OPTS=$HADOOP_NAMENODE_OPTS > -Dhadoop.security.group.mapping.ldap.bind.password.file > =BIND_PASSWORD_FILE_PATH > However, it does not work as expected and the BIND_PASSWORD_FILE_PATH is not > honored with existing hadoop_add_param call from > hadoop-config.sh/hadoop-function.sh. > -- This message was sent by Atlassian JIRA (v6.3.4#6332)