[
https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colin Patrick McCabe updated HDFS-3608:
---------------------------------------
Attachment: HDFS-3608.004.patch
fuse_timer.c:
* add fuse_timer.c, which can invoke callbacks after timeouts
* add test_fuse_timer unit test to test fuse_timer.c
fuse_connect.c:
* We now reference-count libhdfs connection objects using struct hdfsConn
* expire old FS instances after a certain amount of time has elapsed (a few
minutes)
* expire old FS isntances whenever the kerberos ticket cache mtime changes
* store uri and port statically rather than requiring them to be passed in
separately each time we make a connection
* add fuseConnectTest, which will create a sample FileSystem object, in order
to verify that the provided configuration is valid. This method was previously
implemented inline in the main() method.
This will probably not work for Kerberos-authenticated clusters, since that
would require root to be kinit'ed. So add a TODO and stub out the code when
Kerberos is enabled.
most fuse operations:
* fh now contains a fuseConn object rather than simply an hdfsFS object
* fuse operations must rememeber to call hdfsConnRelease, since we're now
reference-counting FS objects
fuse_impls_open.c:
* fix some error handling code
fuse_init.c:
* be more verbose about printing dfs options on startup
jni_helper.c:
* invoke FileSystem::loadFileSystems immediately after startup to avoid
classloader problems later
tree.h:
* add BSD-licensed red-black tree implementation
> fuse_dfs: detect changes in UID ticket cache
> --------------------------------------------
>
> Key: HDFS-3608
> URL: https://issues.apache.org/jira/browse/HDFS-3608
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 2.1.0-alpha
> Reporter: Colin Patrick McCabe
> Assignee: Colin Patrick McCabe
> Priority: Minor
> Attachments: HDFS-3608.004.patch
>
>
> Currently in fuse_dfs, if one kinits as some principal "foo" and then does
> some operation on fuse_dfs, then kdestroy and kinit as some principal "bar",
> subsequent operations done via fuse_dfs will still use cached credentials for
> "foo". The reason for this is that fuse_dfs caches Filesystem instances using
> the UID of the user running the command as the key into the cache. This is a
> very uncommon scenario, since it's pretty uncommon for a single user to want
> to use credentials for several different principals on the same box.
> However, we can use inotify to detect changes in the Kerberos ticket cache
> file and force the next operation to create a new FileSystem instance in that
> case. This will also require a reference counting mechanism in fuse_dfs so
> that we can free the FileSystem classes when they refer to previous Kerberos
> ticket caches.
> Another mechanism is to run a stat periodically on the ticket cache file.
> This is a good fallback mechanism if inotify does not work on the file (for
> example, because it's on an NFS mount.)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
