[ https://issues.apache.org/jira/browse/HDFS-6666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14486404#comment-14486404 ]
Vijay Bhat commented on HDFS-6666: ---------------------------------- Thanks for the feedback [~cnauroth]. I've made the changes you recommend and resubmitted the patch. > Abort NameNode and DataNode startup if security is enabled but block access > token is not enabled. > ------------------------------------------------------------------------------------------------- > > Key: HDFS-6666 > URL: https://issues.apache.org/jira/browse/HDFS-6666 > Project: Hadoop HDFS > Issue Type: Bug > Components: datanode, namenode, security > Affects Versions: 3.0.0, 2.5.0 > Reporter: Chris Nauroth > Assignee: Vijay Bhat > Priority: Minor > Attachments: HDFS-6666.001.patch, HDFS-6666.002.patch, > HDFS-6666.003.patch > > > Currently, if security is enabled by setting hadoop.security.authentication > to kerberos, but HDFS block access tokens are disabled by setting > dfs.block.access.token.enable to false (which is the default), then the > NameNode logs an error and proceeds, and the DataNode proceeds without even > logging an error. This jira proposes that this it's invalid to turn on > security but not turn on block access tokens, and that it would be better to > fail fast and abort the daemons during startup if this happens. -- This message was sent by Atlassian JIRA (v6.3.4#6332)