[
https://issues.apache.org/jira/browse/HDFS-10416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tianyin Xu updated HDFS-10416:
------------------------------
Attachment: (was: HDFS-10416.000.patch)
> Empty exception msg in the checking of superuser priviledge in DataNode
> ------------------------------------------------------------------------
>
> Key: HDFS-10416
> URL: https://issues.apache.org/jira/browse/HDFS-10416
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: datanode
> Affects Versions: 2.7.2
> Reporter: Tianyin Xu
> Attachments: HDFS-10416.000.patch
>
>
> In {{checkSuperuserPrivilege}} ({{DataNode.java}}), when the check fails, it
> throws an empty {{AccessControlException}} object which is really confusing
> for users to understand precisely what happened underneath the "permission
> denied" error.
> {code:title=org.apache.hadoop.hdfs.server.datanode.DataNode|borderStyle=solid}
> private void checkSuperuserPrivilege() ... {
> ...
> // Not a superuser.
> throw new AccessControlException();
> }
> {code}
> (the method is used in a number of DataNode operations like
> {{refreshNamenodes}}, {{deleteBlockPool}}, {{shutdownDatanode}}, just listing
> a few).
> \\
> As the comparison, if we look at the *exactly same method* implemented for
> {{NameNode}}:
> {code:title=org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker|borderStyle=solid}
> public void checkSuperuserPrivilege() ... {
> if (!isSuperUser()) {
> throw new AccessControlException("Access denied for user "
> + getUser() + ". Superuser privilege is required");
> }
> }
> {code}
> The message is much more clear and easier to understand.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
