Is there a follow-up JIRA for the security item? -----Original Message----- From: Roberta Marton [mailto:[email protected]] Sent: Sunday, January 28, 2018 6:55 PM To: [email protected] Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2
+0 Running centos 6.7 and Cloudera 5.7.6 with Kerberos enabled. I installed the source files for Trafodion release 2.2. Successfully build binaries. However, when I ran the python installer, it failed: Host [rm1.novalocal]: Script [hdfs_cmds.py] ..................................... [ FAIL ] Failed to run command su - hdfs -c '/usr/bin/hdfs dfs -chgrp 18/01/28 21:15:25 WARN security.UserGroupInformation: PriviledgedActionException as:root (auth:KERBEROS) cause:javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)] 18/01/28 21:15:25 WARN ipc.Client: Exception encountered while connecting to the server : javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt) There is a valid HBASE ticket: [centos@rm1 distribution]$ sudo su hdfs bash-4.1$ klist Ticket cache: FILE:/tmp/krb5cc_494 Default principal: hdfs/[email protected] Valid starting Expires Service principal 01/28/18 21:11:10 01/29/18 21:11:10 krbtgt/[email protected] renew until 02/02/18 21:11:10 I was able to manually run the hdfs requests when connected as hdfs user. After manually running the HDFS steps, the installation step completed and trafodion database was initialized. However, neither authentication or authorization was enabled. I was able to manually enable both and successful run some SQL queries. I am concerned that when security features are enabled, that things do not work as correctly. Roberta -----Original Message----- From: Liu, Ming (Ming) [mailto:[email protected]] Sent: Friday, January 26, 2018 7:09 PM To: [email protected] Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2 Hi, Steve, The policy page does requires the year to reflect the distribution of the CURRENT and past versions of the product. It we should update it. But does that mean we have to update all headers in most source files, or only the NOTICE file? And I think this is NOT that strict, I checked a few other Apache projects: Kylin 2.2.0 , in NOTICE, it is 2014-2016, but Kylin 2.2.0 released at 2017 Nov ZooKeeper 3.4.8 , NOTICE file said 2009-2015, but ZooKeeper 3.4.8 released at 2016 Feb Drill 1.12 , NOTICE file said 2013-2014, Drill 1.12 released at 2017 Dec HBase is very good, update NOTICE for most releases, but the 2.0.0-beta-1 released at 2018 Jan, and the NOTICE file not update the year, still 2007-2017 Kudu 1.2.0, NOTICE file is 2016, but it released at 2017 Jan Hive 1.2.2 , NOTICE file is 2008-2015, 1.2.2 released at 2017 April ... Hadoop is very strict at this, not only update year for each release, but also lists all third-party license header in its NOTICE file. So in sum, I think it will be good for Trafodion to strictly follow the rule in the next release, but it is not strict for now. Could you consider to change your vote ? Thanks, Ming -----Original Message----- From: Steve Varnau [mailto:[email protected]] Sent: Friday, January 26, 2018 8:03 AM To: [email protected] Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2 I'm not certain, but the NOTICE file, that contains the copyright for the entire release is wrong. This is the policy: http://apache.org/legal/src-headers.html#notice I don't see any guidance about how strict that dates be correct. --Steve > -----Original Message----- > From: Hans Zeller [mailto:[email protected]] > Sent: Thursday, January 25, 2018 2:49 PM > To: [email protected] > Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2 > > Hi Steve, does this really justify an entire new round? All the code > (ok, maybe only 99.98 %) for this release was written in 2017. The > fact that we voted in 2018, does that really justify an update to the > copyright year? > > -----Original Message----- > From: Steve Varnau [mailto:[email protected]] > Sent: Thursday, January 25, 2018 2:42 PM > To: [email protected] > Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2 > > It occurred to me that I missed something when I reviewed all those > NOTICE files (that are all the same). > > The copyright line should be updated to include 2018. > > Copyright 2015-2017 The Apache Software Foundation > > Not certain if that is a legal showstopper, but it looks like an > oversight we should fix while we have the chance. > > Changing my vote to -1. > > --Steve > > > -----Original Message----- > > From: Steve Varnau [mailto:[email protected]] > > Sent: Thursday, January 25, 2018 12:39 PM > > To: [email protected] > > Subject: RE: [VOTE] Apache Trafodion release 2.2.0 RC 2 > > > > I checked signatures and checksums for all artifacts. > > I ran RAT to check licenses. > > I compared the source tarball to the 2.2.0rc2 label in git. > > I did a quick review of LICENSE, NOTICE, README, RAT_README, .rat- > > excludes in source tarball. > > I did quick review of LICENSE and NOTICE in each of the binary tarballs. > > I verified that there is no longer an incubating DISCLAIMER file in > > any of the tarballs. > > > > I did not actually build or test the source tarball. > > > > I did not find any issues. > > > > +1 for me. > > > > --Steve > > > > > -----Original Message----- > > > From: Liu, Ming (Ming) [mailto:[email protected]] > > > Sent: Thursday, January 25, 2018 7:22 AM > > > To: [email protected] > > > Subject: [VOTE] Apache Trafodion release 2.2.0 RC 2 > > > > > > Hi to everyone in the Trafodion Community, > > > > > > This is a call to vote on release 2.2.0 of Apache Trafodion . > > > > > > This is a major release and includes over 300 fixes and some > > > important features. The highlights are all documented here: > > > https://cwiki.apache.org/confluence/display/TRAFODION/Release+2.2 > > > They include : > > > > > > * Trafodion graduates as top level Apache project > > > * DTM enhancements by porting EsgynDB DTM changes to Trafodion > > > * jdbcT4 for publish to maven central > > > * Trafodion Elasticity enhancements > > > * LOB support in JDBC > > > * RMS enhancements > > > * Bug fixes > > > > > > JIRA Release Notes : > > > Trafodion 2.2 JIRA Release Notes > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=123 > > 18 > > 620 > > > &version=12338559 > > > Highlights : > > > https://cwiki.apache.org/confluence/display/TRAFODION/Release+2.2 > > > > > > GIT info: > > > The tag for this candidate is "2.2.0rc2". Git repository: git:// > > > git.apache.org/trafodion.git > > > > > > Release artifacts : > > > https://dist.apache.org/repos/dist/dev/trafodion/trafodion-2.2.0-R > > > C2 / Artifacts are signed with my key : E1502B16 which is in > > > https://dist.apache.org/repos/dist/release/trafodion/KEYS > > > > > > Instructions : > > > > > > Installing Trafodion using convenience binaries using the Python > > > installer or install with Ambari : > > > http://trafodion.apache.org/docs/provisioning_guide/index.html > > > > > > Setting up build environment and building from source : > > > > > > https://cwiki.apache.org/confluence/display/TRAFODION/Create+Build+Env > > i > > > ronment > > > https://cwiki.apache.org/confluence/display/TRAFODION/Build+Source > > > > > > [ ] +1 approve > > > > > > [ ] +0 no opinion > > > > > > [ ] -1 disapprove (and reason why) > > > > > > Vote will be open until the community has had a chance to try out > > > the instructions and we get sufficient feedback ( at least 72 > > > hours), unless cancelled. > > > > > > Thanks, > > > Ming
