[ https://issues.apache.org/jira/browse/HDFS-12697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16220475#comment-16220475 ]
Elek, Marton edited comment on HDFS-12697 at 10/26/17 2:48 PM: --------------------------------------------------------------- I am not sure it works well. It will return a security error even if ozone is turned off and not the security on. With ozone.enabled !=false, but security is turned off: {code} scm_1 | 2017-10-26 14:03:17 ERROR StorageContainerManager:320 - SCM cannot be started in secure mode scm_1 | SCM cannot be started in secure mode {code} UPDATE: I found the reviewboard and Xiaoyu wrote the same... was (Author: elek): I am not sure it works well. It will return a security error even if ozone is turned off and not the security on. With ozone.enabled !=false, but security is turned off: {code} scm_1 | 2017-10-26 14:03:17 ERROR StorageContainerManager:320 - SCM cannot be started in secure mode scm_1 | SCM cannot be started in secure mode {code} > Ozone services must stay disabled in secure setup for alpha > ----------------------------------------------------------- > > Key: HDFS-12697 > URL: https://issues.apache.org/jira/browse/HDFS-12697 > Project: Hadoop HDFS > Issue Type: Sub-task > Reporter: Jitendra Nath Pandey > Assignee: Bharat Viswanadham > Priority: Blocker > Attachments: HDFS-12697-HDFS-7240.01.patch, > HDFS-12697-HDFS-7240.02.patch > > > When security is enabled, ozone services should not start up, even if ozone > configurations are enabled. This is important to ensure a user experimenting > with ozone doesn't inadvertently get exposed to attacks. Specifically, > 1) KSM should not start up. > 2) SCM should not startup. > 3) Datanode's ozone xceiverserver should not startup, and must not listen on > a port. > 4) Datanode's ozone handler port should not be open, and webservice must stay > disabled. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org