[
https://issues.apache.org/jira/browse/HDFS-10643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xiaoyu Yao updated HDFS-10643:
------------------------------
Attachment: HDFS-10643.03.patch
Fix the checkstyle issue.
> HDFS namenode should always use service user (hdfs) to generateEncryptedKey
> ---------------------------------------------------------------------------
>
> Key: HDFS-10643
> URL: https://issues.apache.org/jira/browse/HDFS-10643
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: encryption, namenode
> Affects Versions: 2.6.0
> Reporter: Xiaoyu Yao
> Assignee: Xiaoyu Yao
> Attachments: HDFS-10643.00.patch, HDFS-10643.01.patch,
> HDFS-10643.02.patch, HDFS-10643.03.patch
>
>
> KMSClientProvider is designed to be shared by different KMS clients. When
> HDFS Namenode as KMS client talks to KMS to generateEncryptedKey for new file
> creation from proxy user (hive, oozie), the proxyuser handling for
> KMSClientProvider in this case is unnecessary, which cause 1) an extra proxy
> user configuration allowing hdfs user to proxy its clients and 2) KMS acls to
> allow non-hdfs user for GENERATE_EEK operation.
> This ticket is opened to always use HDFS namenode login user (hdfs) when
> talking to KMS to generateEncryptedKey for new file creation. This way, we
> have a more secure KMS based HDFS encryption (we can set kms-acls to allow
> only hdfs user for GENERATE_EEK) with less configuration hassle for KMS to
> allow hdfs to proxy other users.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
