[jira] [Created] (DRILL-8352) Log noise when attempting to look up Unix user groups for a non-existent user

James Turton (Jira) Tue, 08 Nov 2022 01:40:27 -0800

James Turton created DRILL-8352:
-----------------------------------

             Summary: Log noise when attempting to look up Unix user groups for 
a non-existent user
                 Key: DRILL-8352
                 URL: https://issues.apache.org/jira/browse/DRILL-8352
             Project: Apache Drill
          Issue Type: Improvement
          Components: Security
    Affects Versions: 1.20.2
            Reporter: James Turton
            Assignee: James Turton



With Vault authn configured, with the consequence that Drill's users are not 
known to the local OS, messages such as the following are logged by Drill.


{noformat}
docker-compose-sap-main-drill-1                             | 09:33:30.805 
[qtp2108455110-42] WARN  o.a.h.s.ShellBasedUnixGroupsMapping - unable to return 
groups for user user-1-1
docker-compose-sap-main-drill-1                             | 
org.apache.hadoop.security.ShellBasedUnixGroupsMapping$PartialGroupNameException:
 The user name 'user-1-1' is not found. id: user-1-1: no such user
docker-compose-sap-main-drill-1                             | id: user-1-1: no 
such user
docker-compose-sap-main-drill-1                             |
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.ShellBasedUnixGroupsMapping.resolvePartialGroupNames(ShellBasedUnixGroupsMapping.java:294)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getUnixGroups(ShellBasedUnixGroupsMapping.java:207)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.ShellBasedUnixGroupsMapping.getGroups(ShellBasedUnixGroupsMapping.java:97)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.JniBasedUnixGroupsMappingWithFallback.getGroups(JniBasedUnixGroupsMappingWithFallback.java:51)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.Groups$GroupCacheLoader.fetchGroupList(Groups.java:387)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:321)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:270)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3529)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2278)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2155)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2045)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache.get(LocalCache.java:3962)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3985)
docker-compose-sap-main-drill-1                             |   at 
com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4946)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.Groups.getGroups(Groups.java:228)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.UserGroupInformation.getGroups(UserGroupInformation.java:1620)
docker-compose-sap-main-drill-1                             |   at 
org.apache.hadoop.security.UserGroupInformation.getGroupNames(UserGroupInformation.java:1608)
docker-compose-sap-main-drill-1                             |   at 
org.apache.drill.exec.util.ImpersonationUtil.hasAdminPrivileges(ImpersonationUtil.java:244)
docker-compose-sap-main-drill-1                             |   at 
org.apache.drill.exec.server.rest.auth.DrillRestLoginService.login(DrillRestLoginService.java:85)
docker-compose-sap-main-drill-1                             |   at 
org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:67)
docker-compose-sap-main-drill-1                             |   at 
org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:89)
docker-compose-sap-main-drill-1                             |   at 
org.eclipse.jetty.security.authentication.DeferredAuthentication.authenticate(DeferredAuthentication.java:66)
docker-compose-sap-main-drill-1                             |   at 
org.eclipse.jetty.server.Request.getUserPrincipal(Request.java:1715)
docker-compose-sap-main-drill-1                             |   at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
docker-compose-sap-main-drill-1                             |   at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
{noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (DRILL-8352) Log noise when attempting to look up Unix user groups for a non-existent user

Reply via email to