[
https://issues.apache.org/jira/browse/HDFS-4295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13546206#comment-13546206
]
Aaron T. Myers commented on HDFS-4295:
--------------------------------------
Hi liuyang, we should really continue this conversation on the
u...@hadoop.apache.org mailing list, since it's not an issue with this
bug/patch. The short answer to your question is: you have to start the DN as
root, and make sure that the HADOOP_SECURE_DN_USER environment variable is set
to 'hdfs' so that the DN knows which user to switch to.
If you have any more questions about this, please email u...@hadoop.apache.org.
> Using port 1023 should be valid when starting Secure DataNode
> -------------------------------------------------------------
>
> Key: HDFS-4295
> URL: https://issues.apache.org/jira/browse/HDFS-4295
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: security
> Affects Versions: 2.0.0-alpha
> Reporter: Stephen Chu
> Assignee: Stephen Chu
> Labels: trivial
> Fix For: 3.0.0, 2.0.3-alpha
>
> Attachments: HDFS-4295.patch
>
>
> In SecureDataNodeStarter:
> {code}
> if ((ss.getLocalPort() >= 1023 || listener.getPort() >= 1023) &&
> UserGroupInformation.isSecurityEnabled()) {
> throw new RuntimeException("Cannot start secure datanode with
> unprivileged ports");
> }
> {code}
> This prohibits using port 1023, but this should be okay because only root can
> listen to ports below 1024.
> We can change the >= to >.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
