[ https://issues.apache.org/jira/browse/HDFS-3608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colin Patrick McCabe updated HDFS-3608: --------------------------------------- Status: Patch Available (was: Open) > fuse_dfs: detect changes in UID ticket cache > -------------------------------------------- > > Key: HDFS-3608 > URL: https://issues.apache.org/jira/browse/HDFS-3608 > Project: Hadoop HDFS > Issue Type: Bug > Affects Versions: 2.1.0-alpha > Reporter: Colin Patrick McCabe > Assignee: Colin Patrick McCabe > Priority: Minor > Attachments: HDFS-3608.004.patch > > > Currently in fuse_dfs, if one kinits as some principal "foo" and then does > some operation on fuse_dfs, then kdestroy and kinit as some principal "bar", > subsequent operations done via fuse_dfs will still use cached credentials for > "foo". The reason for this is that fuse_dfs caches Filesystem instances using > the UID of the user running the command as the key into the cache. This is a > very uncommon scenario, since it's pretty uncommon for a single user to want > to use credentials for several different principals on the same box. > However, we can use inotify to detect changes in the Kerberos ticket cache > file and force the next operation to create a new FileSystem instance in that > case. This will also require a reference counting mechanism in fuse_dfs so > that we can free the FileSystem classes when they refer to previous Kerberos > ticket caches. > Another mechanism is to run a stat periodically on the ticket cache file. > This is a good fallback mechanism if inotify does not work on the file (for > example, because it's on an NFS mount.) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira