[jira] [Commented] (HDFS-14176) Replace incorrect use of system property user.name

Wed, 20 Mar 2019 12:52:10 -0700 


    [ 
https://issues.apache.org/jira/browse/HDFS-14176?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16797494#comment-16797494
 ] 

Dinesh Chitlangia commented on HDFS-14176:
------------------------------------------

Thanks [~ajayydv] for commit and [~jojochuang] for review/guidance.

> Replace incorrect use of system property user.name
> --------------------------------------------------
>
>                 Key: HDFS-14176
>                 URL: https://issues.apache.org/jira/browse/HDFS-14176
>             Project: Hadoop HDFS
>          Issue Type: Bug
>    Affects Versions: 3.3.0
>         Environment: Kerberized
>            Reporter: Wei-Chiu Chuang
>            Assignee: Dinesh Chitlangia
>            Priority: Major
>         Attachments: HDFS-14176.01.patch, HDFS-14176.02.patch, 
> HDFS-14176.03.patch, HDFS-14176.04.patch
>
>
> Looking at the Hadoop source code, there are a few places where the code 
> assumes the user name can be acquired from Java's system property 
> {{user.name}}.
> For example,
> {code:java|title=FileSystem}
> /** Return the current user's home directory in this FileSystem.
>    * The default implementation returns {@code "/user/$USER/"}.
>    */
>   public Path getHomeDirectory() {
>     return this.makeQualified(
>         new Path(USER_HOME_PREFIX + "/" + System.getProperty("user.name")));
>   }
> {code}
> This is incorrect, as in a Kerberized environment, a user may login as a user 
> principal different from its system login account.
> It would be better to use 
> {{UserGroupInformation.getCurrentUser().getShortUserName()}}, similar to 
> HDFS-12485.
> Unfortunately, I am seeing this improper use in Yarn, HDFS federation 
> SFTPFilesystem and Ozone code (tests are ignored)
> The impact should be small, since it only affects the case where system is 
> Kerberized and that the user principal is different from system login account.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to