[jira] [Commented] (HDFS-16979) RBF: Add dfsrouter port in hdfsauditlog

Wed, 19 Apr 2023 12:10:07 -0700 


    [ 
https://issues.apache.org/jira/browse/HDFS-16979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17714275#comment-17714275
 ] 

ASF GitHub Bot commented on HDFS-16979:
---------------------------------------

virajjasani commented on code in PR #5552:
URL: https://github.com/apache/hadoop/pull/5552#discussion_r1171753252


##########
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java:
##########
@@ -453,15 +453,15 @@ private void logAuditEvent(boolean succeeded,
 
   private void appendClientPortToCallerContextIfAbsent() {
     final CallerContext ctx = CallerContext.getCurrent();
-    if (isClientPortInfoAbsent(ctx)) {
-      String origContext = ctx == null ? null : ctx.getContext();
-      byte[] origSignature = ctx == null ? null : ctx.getSignature();
-      CallerContext.setCurrent(
-          new CallerContext.Builder(origContext, contextFieldSeparator)
-              .append(CallerContext.CLIENT_PORT_STR, 
String.valueOf(Server.getRemotePort()))
-              .setSignature(origSignature)
-              .build());
-    }
+    String origContext = ctx == null ? null : ctx.getContext();
+    byte[] origSignature = ctx == null ? null : ctx.getSignature();
+    String clientPort = isClientPortInfoAbsent(ctx) ? 
CallerContext.CLIENT_PORT_STR :

Review Comment:
   > Are we even sure that if it is not a client, it is a router?
   
   This is exactly why I was suggesting to provide better protection for this 
very condition
   https://github.com/apache/hadoop/pull/5552#issuecomment-1507395844
   
   Today, we know that if it is not a client, it is a router. But this is so 
_fragile_ and can be easily broken if someone other than router also starts 
using `clientPort` in the context.
   The better way is to have a check that only router would pass, something 
similar to the comment.





> RBF: Add dfsrouter port in hdfsauditlog
> ---------------------------------------
>
>                 Key: HDFS-16979
>                 URL: https://issues.apache.org/jira/browse/HDFS-16979
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: liuguanghua
>            Priority: Major
>              Labels: pull-request-available
>
> When remote client request through dfsrouter to namenode, the hdfsauditlog 
> record the remote client ip and port ,dfsrouter IP,but lack of dfsrouter port.
> This patch is done for this scene.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to