[jira] Commented: (HDFS-1430) Don't print entire stack trace to NN log when denying file access

Wed, 29 Sep 2010 15:52:59 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-1430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12916294#action_12916294
 ] 

Jakob Homan commented on HDFS-1430:
-----------------------------------

An example:
{noformat}2010-09-01 19:30:52,760 INFO org.apache.hadoop.ipc.Server: IPC Server 
handler 20 on 8020, call
getListing(/the/swimming/pool/in/the/library, [...@94bf925) from 
123.456.789.10:60262: error:
org.apache.hadoop.security.AccessControlException: Permission denied: 
user=themaster, access=READ_EXECUTE,
inode="20100115":thedoctor:thetardis:rwxr-x---
org.apache.hadoop.security.AccessControlException: Permission denied: 
user=themaster, access=READ_EXECUTE,
inode="20100115":thedoctor:thetardis:rwxr-x---
        at 
org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.check(FSPermissionChecker.java:199)
        at 
org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkPermission(FSPermissionChecker.java:134)
        at 
org.apache.hadoop.hdfs.server.namenode.FSNamesystem.checkPermission(FSNamesystem.java:4672)
        at 
org.apache.hadoop.hdfs.server.namenode.FSNamesystem.checkPathAccess(FSNamesystem.java:4636)
        at 
org.apache.hadoop.hdfs.server.namenode.FSNamesystem.getListing(FSNamesystem.java:2081)
        at 
org.apache.hadoop.hdfs.server.namenode.NameNode.getListing(NameNode.java:651)
        at sun.reflect.GeneratedMethodAccessor16.invoke(Unknown Source)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:519)
        at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:1285)
        at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:1281)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:396)
        at 
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:978)
        at org.apache.hadoop.ipc.Server$Handler.run(Server.java:1279){noformat}
22 lines is a bit excessive.  A single line will suffice.

> Don't print entire stack trace to NN log when denying file access
> -----------------------------------------------------------------
>
>                 Key: HDFS-1430
>                 URL: https://issues.apache.org/jira/browse/HDFS-1430
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>    Affects Versions: 0.21.0
>            Reporter: Jakob Homan
>             Fix For: 0.22.0
>
>
> Currently when a user attempts to access a file/directory he/she doesn't have 
> access to, we include the entire stack trace from the exception that is 
> generated.  Denying access is a routine event and the stack trace is just 
> noise.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to