That seems sufficient to me. If it were a more significant security issue we may need a patch branch to previous releases. Have to develop some policy for that scenario. On Apr 22, 2013 10:44 PM, "Kevin Minder" <[email protected]> wrote:
> Yes. The 0.2.0 branch is basically closed. At this stage in the project > I prefer a release from the trunk model so that the next time we branch it > may be for 0.2.1. I've always tried to avoid being RM so opinions welcome. > > On Apr 22, 2013, at 7:20 PM, Dilli Arumugam <[email protected]> > wrote: > > > Hi Kevin, > > Looks like you have pushed the changes only to master branch and not to > v0.2.0 branch. > > Is that intentional? > > Thanks > > Dilli > > > > On Apr 22, 2013, at 3:10 PM, Dilli Arumugam <[email protected]> > wrote: > > > >> Thanks Kevin. > >> Reviewed your changes. > >> Your changes look better. > >> Accepting all the comments and insights. > >> Thanks > >> Dilli > >> > >> On Apr 22, 2013, at 2:47 PM, Kevin Minder <[email protected]> > wrote: > >> > >>> Hey Dilli, > >>> Just pushed an updated change for this and closed the issue. Here is > some trivial feedback > >>> > >>> 1. Please configure your IDE to use spaces not tabs. > >>> 2. I changed the way you logged the exception so that it would be > >>> possible to get the original strack trace via log debug settings. I > >>> wanted to do it as an example for you. > >>> 3. I extracted the text you used in the creation of the new exception > >>> to a text resource. I really did this as example for how to do it. > I'm not sure it was warranted in this case. > >>> 4. Created a unit test for the change. Now that we have a few more > >>> people we need to stop cutting corner on testing. I wanted to do > >>> this to make sure it was possible before I said anything. > >>> > >>> All in all good fix. I apologize if I did too much vs providing > feedback. But this is the most code I've been able to write in weeks! ;) > >>> > >>> You can review my changes to your fix here: > >>> > https://git-wip-us.apache.org/repos/asf?p=incubator-knox.git;a=commit;h=b2031a71a631ea55f8450616cb45df871cd38525 > >>> > >>> Kevin. > >>> > >>> > >>> On 4/22/13 1:43 PM, Dilli Arumugam (JIRA) wrote: > >>>> [ > https://issues.apache.org/jira/browse/KNOX-58?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13638211#comment-13638211] > >>>> > >>>> Dilli Arumugam commented on KNOX-58: > >>>> ------------------------------------ > >>>> > >>>> Kevin, > >>>> Please review the attached patch and let me if the fix requires > additional work. > >>>> Thanks > >>>> Dilli > >>>> > >>>>> NameNode endpoint exposed to gateway clients in runtime exception > >>>>> ----------------------------------------------------------------- > >>>>> > >>>>> Key: KNOX-58 > >>>>> URL: https://issues.apache.org/jira/browse/KNOX-58 > >>>>> Project: Apache Knox > >>>>> Issue Type: Bug > >>>>> Components: Server > >>>>> Affects Versions: 0.2.0 > >>>>> Environment: Knox gateway server 0.2.0 running on a Mac. > >>>>> Hadoop cluster running in Sandbox HDP Bombardier2, in VirtualBox > 4.2.10. > >>>>> Reporter: Dilli Arumugam > >>>>> Fix For: 0.2.0, 0.3.0 > >>>>> > >>>>> Attachments: knox-58-patch01.patch > >>>>> > >>>>> > >>>>> Started Sandbox HDP Bombardier2, in VirtualBox 4.2.10, with out of > box hdfs-site.xml in the sandbox > >>>>> Added the following entry in /etc/hosts > >>>>> 192.168.56.101 vm sandbox > >>>>> Started ldap server > >>>>> java -jar bin/ldap.jar conf & > >>>>> Started gateway server > >>>>> java -jar bin/server.jar > >>>>> Started a sample groovy script > >>>>> java -jar bin/shell.jar samples/ExampleSubmitJob.groovy > >>>>> The groovy script reported the following stack trace > >>>>> ocalhost:knox-0.2.0 darumugam$ java -jar bin/shell.jar > samples/ExampleSubmitJob.groovy > >>>>> Caught: org.apache.hadoop.gateway.shell.HadoopException: > org.apache.hadoop.gateway.shell.ErrorResponse: HTTP/1.1 500 > java.security.PrivilegedActionException: > org.apache.http.conn.HttpHostConnectException: Connection to > http://vm:50070 refused > >>>>> org.apache.hadoop.gateway.shell.HadoopException: > org.apache.hadoop.gateway.shell.ErrorResponse: HTTP/1.1 500 > java.security.PrivilegedActionException: > org.apache.http.conn.HttpHostConnectException: Connection to > http://vm:50070 refused > >>>>> at > org.apache.hadoop.gateway.shell.AbstractRequest.now(AbstractRequest.java:72) > >>>>> at > org.apache.hadoop.gateway.shell.AbstractRequest$now.call(Unknown Source) > >>>>> at ExampleSubmitJob.run(ExampleSubmitJob.groovy:33) > >>>>> at org.apache.hadoop.gateway.shell.Shell.main(Shell.java:40) > >>>>> at > org.apache.hadoop.gateway.launcher.Invoker.invokeMainMethod(Invoker.java:64) > >>>>> at > org.apache.hadoop.gateway.launcher.Invoker.invoke(Invoker.java:37) > >>>>> at > org.apache.hadoop.gateway.launcher.Command.run(Command.java:100) > >>>>> at > org.apache.hadoop.gateway.launcher.Launcher.run(Launcher.java:70) > >>>>> at > org.apache.hadoop.gateway.launcher.Launcher.main(Launcher.java:49) > >>>>> Caused by: org.apache.hadoop.gateway.shell.ErrorResponse: HTTP/1.1 > 500 java.security.PrivilegedActionException: > org.apache.http.conn.HttpHostConnectException: Connection to > http://vm:50070 refused > >>>>> at > org.apache.hadoop.gateway.shell.Hadoop.executeNow(Hadoop.java:107) > >>>>> at > org.apache.hadoop.gateway.shell.AbstractRequest.execute(AbstractRequest.java:47) > >>>>> at > org.apache.hadoop.gateway.shell.hdfs.Rm$Request.access$300(Rm.java:32) > >>>>> at > org.apache.hadoop.gateway.shell.hdfs.Rm$Request$1.call(Rm.java:63) > >>>>> at > org.apache.hadoop.gateway.shell.hdfs.Rm$Request$1.call(Rm.java:56) > >>>>> at > org.apache.hadoop.gateway.shell.AbstractRequest.now(AbstractRequest.java:70) > >>>>> This implies gateway server is exposing NameNode host and port to > the gateway shell in runtime exception. > >>>> -- > >>>> This message is automatically generated by JIRA. > >>>> If you think it was sent incorrectly, please contact your JIRA > administrators > >>>> For more information on JIRA, see: > http://www.atlassian.com/software/jira > > >
