[ https://issues.apache.org/jira/browse/HDFS-4295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13546206#comment-13546206 ]
Aaron T. Myers commented on HDFS-4295: -------------------------------------- Hi liuyang, we should really continue this conversation on the u...@hadoop.apache.org mailing list, since it's not an issue with this bug/patch. The short answer to your question is: you have to start the DN as root, and make sure that the HADOOP_SECURE_DN_USER environment variable is set to 'hdfs' so that the DN knows which user to switch to. If you have any more questions about this, please email u...@hadoop.apache.org. > Using port 1023 should be valid when starting Secure DataNode > ------------------------------------------------------------- > > Key: HDFS-4295 > URL: https://issues.apache.org/jira/browse/HDFS-4295 > Project: Hadoop HDFS > Issue Type: Bug > Components: security > Affects Versions: 2.0.0-alpha > Reporter: Stephen Chu > Assignee: Stephen Chu > Labels: trivial > Fix For: 3.0.0, 2.0.3-alpha > > Attachments: HDFS-4295.patch > > > In SecureDataNodeStarter: > {code} > if ((ss.getLocalPort() >= 1023 || listener.getPort() >= 1023) && > UserGroupInformation.isSecurityEnabled()) { > throw new RuntimeException("Cannot start secure datanode with > unprivileged ports"); > } > {code} > This prohibits using port 1023, but this should be okay because only root can > listen to ports below 1024. > We can change the >= to >. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira