[
https://issues.apache.org/jira/browse/HDFS-506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12736818#action_12736818
]
Tsz Wo (Nicholas), SZE commented on HDFS-506:
---------------------------------------------
> So what do you think about the patch? Do you think it's better to wait for
> HADOOP-4487 be solved or to apply the patch to the current version?
The patch mainly changes the shell commands from whoami + groups to id and
makes SunOS a special case. As mentioned before, it does not increase
security. So we have to wait for HADOOP-4487 anyway.
The question is whether it is good to (1) replace whoami + groups with id and
(2) make SunOS a special case. Both (1) and/or (2) are incompatible changes,
i.e. it potentially breaks some existing systems. I think we should minimize
incompatible changes in general.
Could you simply install whoami in your SunOS systems?
(BTW, you may use "svn diff > a.patch" or the corresponding comnand in git for
generating patches.)
> Incorrect UserName at Solaris because it has no "whoami" command by default
> ---------------------------------------------------------------------------
>
> Key: HDFS-506
> URL: https://issues.apache.org/jira/browse/HDFS-506
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: build
> Affects Versions: 0.20.1
> Environment: OS: SunOS 5.10
> Reporter: Urko Benito
> Attachments: PermissionChecker.java.diff, Shell.java.diff,
> test-hadoop-security.tar.gz, UnixUserGroupInformation.java.diff
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> Solaris enviroment has no __whoami__ command, so the __getUnixUserName()__ at
> UnixUserGroupInformation class fails because it's calling to
> Shell.USER_NAME_COMMAND which is defines as "whoami".
> So it launched an Exception and set the default "DrWho" username ignoring all
> the FileSystem permissions.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
