[ https://issues.apache.org/jira/browse/HDFS-10643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15403408#comment-15403408 ]
Xiao Chen commented on HDFS-10643: ---------------------------------- Thanks [~xyao] for revving! The change LGTM too, but the test is passing even without the fix. I think (not debugged, sorry if not correct) this is because NN will warm up the cache after HDFS-9405, so the test didn't trigger the KMS ACL check. Why {{createFile}} is done 3 times in the test? Is it for cache draining? I think we could set the cache size to 1 make it fail if so. Also a nit: in the test, can we remove this? {code} try { ... } catch (IOException e) { throw new IOException(e); } {code} > HDFS namenode should always use service user (hdfs) to generateEncryptedKey > --------------------------------------------------------------------------- > > Key: HDFS-10643 > URL: https://issues.apache.org/jira/browse/HDFS-10643 > Project: Hadoop HDFS > Issue Type: Bug > Components: encryption, namenode > Affects Versions: 2.6.0 > Reporter: Xiaoyu Yao > Assignee: Xiaoyu Yao > Attachments: HDFS-10643.00.patch, HDFS-10643.01.patch, > HDFS-10643.02.patch, HDFS-10643.03.patch, HDFS-10643.04.patch > > > KMSClientProvider is designed to be shared by different KMS clients. When > HDFS Namenode as KMS client talks to KMS to generateEncryptedKey for new file > creation from proxy user (hive, oozie), the proxyuser handling for > KMSClientProvider in this case is unnecessary, which cause 1) an extra proxy > user configuration allowing hdfs user to proxy its clients and 2) KMS acls to > allow non-hdfs user for GENERATE_EEK operation. > This ticket is opened to always use HDFS namenode login user (hdfs) when > talking to KMS to generateEncryptedKey for new file creation. This way, we > have a more secure KMS based HDFS encryption (we can set kms-acls to allow > only hdfs user for GENERATE_EEK) with less configuration hassle for KMS to > allow hdfs to proxy other users. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org