You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-commits@hadoop.apache.org by at...@apache.org on 2012/11/30 20:19:02 UTC
svn commit: r1415797 - in
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs: ./
src/main/java/org/apache/hadoop/hdfs/
src/main/java/org/apache/hadoop/hdfs/server/namenode/ src/main/resources/
src/test/java/org/apache/hadoop/hdfs/server/namenode/
Author: atm
Date: Fri Nov 30 19:19:01 2012
New Revision: 1415797
URL: http://svn.apache.org/viewvc?rev=1415797&view=rev
Log:
Reverting initial commit of HDFS-3680 pending further comments.
Removed:
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuditLogger.java
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogger.java
Modified:
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
Modified: hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt?rev=1415797&r1=1415796&r2=1415797&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt (original)
+++ hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt Fri Nov 30 19:19:01 2012
@@ -490,9 +490,6 @@ Release 2.0.3-alpha - Unreleased
HDFS-4214. OfflineEditsViewer should print out the offset at which it
encountered an error. (Colin Patrick McCabe via atm)
- HDFS-3680. Allow customized audit logging in HDFS FSNamesystem. (Marcelo
- Vanzin via atm)
-
OPTIMIZATIONS
BUG FIXES
Modified: hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java?rev=1415797&r1=1415796&r2=1415797&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java (original)
+++ hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java Fri Nov 30 19:19:01 2012
@@ -246,8 +246,6 @@ public class DFSConfigKeys extends Commo
public static final String DFS_HOSTS = "dfs.hosts";
public static final String DFS_HOSTS_EXCLUDE = "dfs.hosts.exclude";
public static final String DFS_CLIENT_LOCAL_INTERFACES = "dfs.client.local.interfaces";
- public static final String DFS_NAMENODE_AUDIT_LOGGERS_KEY = "dfs.namenode.audit.loggers";
- public static final String DFS_NAMENODE_DEFAULT_AUDIT_LOGGER_NAME = "default";
// Much code in hdfs is not yet updated to use these keys.
public static final String DFS_CLIENT_BLOCK_WRITE_LOCATEFOLLOWINGBLOCK_RETRIES_KEY = "dfs.client.block.write.locateFollowingBlock.retries";
Modified: hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java?rev=1415797&r1=1415796&r2=1415797&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java (original)
+++ hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java Fri Nov 30 19:19:01 2012
@@ -34,8 +34,6 @@ import static org.apache.hadoop.hdfs.DFS
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_STANDBY_CHECKPOINTS_DEFAULT;
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_HA_STANDBY_CHECKPOINTS_KEY;
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_ACCESSTIME_PRECISION_KEY;
-import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_AUDIT_LOGGERS_KEY;
-import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_DEFAULT_AUDIT_LOGGER_NAME;
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_DEFAULT;
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_DELEGATION_KEY_UPDATE_INTERVAL_KEY;
import static org.apache.hadoop.hdfs.DFSConfigKeys.DFS_NAMENODE_DELEGATION_TOKEN_ALWAYS_USE_DEFAULT;
@@ -113,7 +111,6 @@ import org.apache.hadoop.conf.Configurat
import org.apache.hadoop.fs.ContentSummary;
import org.apache.hadoop.fs.CreateFlag;
import org.apache.hadoop.fs.FileAlreadyExistsException;
-import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FsServerDefaults;
import org.apache.hadoop.fs.InvalidPathException;
import org.apache.hadoop.fs.Options;
@@ -249,32 +246,32 @@ public class FSNamesystem implements Nam
}
};
- private boolean isAuditEnabled() {
- return !isDefaultAuditLogger || auditLog.isInfoEnabled();
- }
-
- private void logAuditEvent(UserGroupInformation ugi,
+ private static final void logAuditEvent(UserGroupInformation ugi,
InetAddress addr, String cmd, String src, String dst,
HdfsFileStatus stat) {
logAuditEvent(true, ugi, addr, cmd, src, dst, stat);
}
- private void logAuditEvent(boolean succeeded,
+ private static final void logAuditEvent(boolean succeeded,
UserGroupInformation ugi, InetAddress addr, String cmd, String src,
String dst, HdfsFileStatus stat) {
- FileStatus status = null;
- if (stat != null) {
- Path symlink = stat.isSymlink() ? new Path(stat.getSymlink()) : null;
- Path path = dst != null ? new Path(dst) : new Path(src);
- status = new FileStatus(stat.getLen(), stat.isDir(),
- stat.getReplication(), stat.getBlockSize(), stat.getModificationTime(),
- stat.getAccessTime(), stat.getPermission(), stat.getOwner(),
- stat.getGroup(), symlink, path);
- }
- for (AuditLogger logger : auditLoggers) {
- logger.logAuditEvent(succeeded, ugi.toString(), addr,
- cmd, src, dst, status);
+ final StringBuilder sb = auditBuffer.get();
+ sb.setLength(0);
+ sb.append("allowed=").append(succeeded).append("\t");
+ sb.append("ugi=").append(ugi).append("\t");
+ sb.append("ip=").append(addr).append("\t");
+ sb.append("cmd=").append(cmd).append("\t");
+ sb.append("src=").append(src).append("\t");
+ sb.append("dst=").append(dst).append("\t");
+ if (null == stat) {
+ sb.append("perm=null");
+ } else {
+ sb.append("perm=");
+ sb.append(stat.getOwner()).append(":");
+ sb.append(stat.getGroup()).append(":");
+ sb.append(stat.getPermission());
}
+ auditLog.info(sb);
}
/**
@@ -307,11 +304,6 @@ public class FSNamesystem implements Nam
final DelegationTokenSecretManager dtSecretManager;
private final boolean alwaysUseDelegationTokensForTests;
- // Tracks whether the default audit logger is the only configured audit
- // logger; this allows isAuditEnabled() to return false in case the
- // underlying logger is disabled, and avoid some unnecessary work.
- private final boolean isDefaultAuditLogger;
- private final List<AuditLogger> auditLoggers;
/** The namespace tree. */
FSDirectory dir;
@@ -544,48 +536,12 @@ public class FSNamesystem implements Nam
this.dtSecretManager = createDelegationTokenSecretManager(conf);
this.dir = new FSDirectory(fsImage, this, conf);
this.safeMode = new SafeModeInfo(conf);
- this.auditLoggers = initAuditLoggers(conf);
- this.isDefaultAuditLogger = auditLoggers.size() == 1 &&
- auditLoggers.get(0) instanceof DefaultAuditLogger;
+
} catch(IOException e) {
LOG.error(getClass().getSimpleName() + " initialization failed.", e);
close();
throw e;
- } catch (RuntimeException re) {
- LOG.error(getClass().getSimpleName() + " initialization failed.", re);
- close();
- throw re;
- }
- }
-
- private List<AuditLogger> initAuditLoggers(Configuration conf) {
- // Initialize the custom access loggers if configured.
- Collection<String> alClasses = conf.getStringCollection(DFS_NAMENODE_AUDIT_LOGGERS_KEY);
- List<AuditLogger> auditLoggers = Lists.newArrayList();
- if (alClasses != null && !alClasses.isEmpty()) {
- for (String className : alClasses) {
- try {
- AuditLogger logger;
- if (DFS_NAMENODE_DEFAULT_AUDIT_LOGGER_NAME.equals(className)) {
- logger = new DefaultAuditLogger();
- } else {
- logger = (AuditLogger) Class.forName(className).newInstance();
- }
- logger.initialize(conf);
- auditLoggers.add(logger);
- } catch (RuntimeException re) {
- throw re;
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
- }
-
- // Make sure there is at least one logger installed.
- if (auditLoggers.isEmpty()) {
- auditLoggers.add(new DefaultAuditLogger());
}
- return auditLoggers;
}
void loadFSImage(StartupOption startOpt, FSImage fsImage, boolean haEnabled)
@@ -1120,7 +1076,7 @@ public class FSNamesystem implements Nam
try {
setPermissionInt(src, permission);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setPermission", src, null, null);
@@ -1142,14 +1098,14 @@ public class FSNamesystem implements Nam
}
checkOwner(src);
dir.setPermission(src, permission);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(src, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setPermission", src, null, resultingStat);
@@ -1166,7 +1122,7 @@ public class FSNamesystem implements Nam
try {
setOwnerInt(src, username, group);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setOwner", src, null, null);
@@ -1197,14 +1153,14 @@ public class FSNamesystem implements Nam
}
}
dir.setOwner(src, username, group);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(src, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setOwner", src, null, resultingStat);
@@ -1247,7 +1203,7 @@ public class FSNamesystem implements Nam
return getBlockLocationsInt(src, offset, length, doAccessTime,
needBlockToken, checkSafeMode);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"open", src, null, null);
@@ -1273,7 +1229,7 @@ public class FSNamesystem implements Nam
}
final LocatedBlocks ret = getBlockLocationsUpdateTimes(src,
offset, length, doAccessTime, needBlockToken);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"open", src, null, null);
@@ -1354,7 +1310,7 @@ public class FSNamesystem implements Nam
try {
concatInt(target, srcs);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getLoginUser(),
getRemoteIp(),
"concat", Arrays.toString(srcs), target, null);
@@ -1397,14 +1353,14 @@ public class FSNamesystem implements Nam
throw new SafeModeException("Cannot concat " + target, safeMode);
}
concatInternal(target, srcs);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(target, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getLoginUser(),
getRemoteIp(),
"concat", Arrays.toString(srcs), target, resultingStat);
@@ -1525,7 +1481,7 @@ public class FSNamesystem implements Nam
try {
setTimesInt(src, mtime, atime);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setTimes", src, null, null);
@@ -1551,7 +1507,7 @@ public class FSNamesystem implements Nam
INode inode = dir.getINode(src);
if (inode != null) {
dir.setTimes(src, inode, mtime, atime, true);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
final HdfsFileStatus stat = dir.getFileInfo(src, false);
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
@@ -1574,7 +1530,7 @@ public class FSNamesystem implements Nam
try {
createSymlinkInt(target, link, dirPerms, createParent);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"createSymlink", link, target, null);
@@ -1595,14 +1551,14 @@ public class FSNamesystem implements Nam
verifyParentDir(link);
}
createSymlinkInternal(target, link, dirPerms, createParent);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(link, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"createSymlink", link, target, resultingStat);
@@ -1658,7 +1614,7 @@ public class FSNamesystem implements Nam
try {
return setReplicationInt(src, replication);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setReplication", src, null, null);
@@ -1694,7 +1650,7 @@ public class FSNamesystem implements Nam
}
getEditLog().logSync();
- if (isFile && isAuditEnabled() && isExternalInvocation()) {
+ if (isFile && auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"setReplication", src, null, null);
@@ -1750,7 +1706,7 @@ public class FSNamesystem implements Nam
startFileInt(src, permissions, holder, clientMachine, flag, createParent,
replication, blockSize);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"create", src, null, null);
@@ -1783,7 +1739,7 @@ public class FSNamesystem implements Nam
}
}
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
final HdfsFileStatus stat = dir.getFileInfo(src, false);
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
@@ -2084,7 +2040,7 @@ public class FSNamesystem implements Nam
try {
return appendFileInt(src, holder, clientMachine);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"append", src, null, null);
@@ -2130,7 +2086,7 @@ public class FSNamesystem implements Nam
+" block size " + lb.getBlock().getNumBytes());
}
}
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"append", src, null, null);
@@ -2576,7 +2532,7 @@ public class FSNamesystem implements Nam
try {
return renameToInt(src, dst);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"rename", src, dst, null);
@@ -2598,14 +2554,14 @@ public class FSNamesystem implements Nam
checkOperation(OperationCategory.WRITE);
status = renameToInternal(src, dst);
- if (status && isAuditEnabled() && isExternalInvocation()) {
+ if (status && auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(dst, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (status && isAuditEnabled() && isExternalInvocation()) {
+ if (status && auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"rename", src, dst, resultingStat);
@@ -2655,14 +2611,14 @@ public class FSNamesystem implements Nam
checkOperation(OperationCategory.WRITE);
renameToInternal(src, dst, options);
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
resultingStat = dir.getFileInfo(dst, false);
}
} finally {
writeUnlock();
}
getEditLog().logSync();
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
StringBuilder cmd = new StringBuilder("rename options=");
for (Rename option : options) {
cmd.append(option.value()).append(" ");
@@ -2703,7 +2659,7 @@ public class FSNamesystem implements Nam
try {
return deleteInt(src, recursive);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"delete", src, null, null);
@@ -2719,7 +2675,7 @@ public class FSNamesystem implements Nam
NameNode.stateChangeLog.debug("DIR* NameSystem.delete: " + src);
}
boolean status = deleteInternal(src, recursive, true);
- if (status && isAuditEnabled() && isExternalInvocation()) {
+ if (status && auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"delete", src, null, null);
@@ -2885,7 +2841,7 @@ public class FSNamesystem implements Nam
}
stat = dir.getFileInfo(src, resolveLink);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"getfileinfo", src, null, null);
@@ -2894,7 +2850,7 @@ public class FSNamesystem implements Nam
} finally {
readUnlock();
}
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"getfileinfo", src, null, null);
@@ -2910,7 +2866,7 @@ public class FSNamesystem implements Nam
try {
return mkdirsInt(src, permissions, createParent);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"mkdirs", src, null, null);
@@ -2934,7 +2890,7 @@ public class FSNamesystem implements Nam
writeUnlock();
}
getEditLog().logSync();
- if (status && isAuditEnabled() && isExternalInvocation()) {
+ if (status && auditLog.isInfoEnabled() && isExternalInvocation()) {
final HdfsFileStatus stat = dir.getFileInfo(src, false);
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
@@ -3363,7 +3319,7 @@ public class FSNamesystem implements Nam
try {
return getListingInt(src, startAfter, needLocation);
} catch (AccessControlException e) {
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(false, UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"listStatus", src, null, null);
@@ -3387,7 +3343,7 @@ public class FSNamesystem implements Nam
checkTraverse(src);
}
}
- if (isAuditEnabled() && isExternalInvocation()) {
+ if (auditLog.isInfoEnabled() && isExternalInvocation()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
getRemoteIp(),
"listStatus", src, null, null);
@@ -5330,7 +5286,7 @@ public class FSNamesystem implements Nam
* Log fsck event in the audit log
*/
void logFsckEvent(String src, InetAddress remoteAddress) throws IOException {
- if (isAuditEnabled()) {
+ if (auditLog.isInfoEnabled()) {
logAuditEvent(UserGroupInformation.getCurrentUser(),
remoteAddress,
"fsck", src, null, null);
@@ -5585,44 +5541,4 @@ public class FSNamesystem implements Nam
return this.blockManager.getDatanodeManager()
.isAvoidingStaleDataNodesForWrite();
}
-
- /**
- * Default AuditLogger implementation; used when no access logger is
- * defined in the config file. It can also be explicitly listed in the
- * config file.
- */
- private static class DefaultAuditLogger implements AuditLogger {
-
- @Override
- public void initialize(Configuration conf) {
- // Nothing to do.
- }
-
- @Override
- public void logAuditEvent(boolean succeeded, String userName,
- InetAddress addr, String cmd, String src, String dst,
- FileStatus status) {
- if (auditLog.isInfoEnabled()) {
- final StringBuilder sb = auditBuffer.get();
- sb.setLength(0);
- sb.append("allowed=").append(succeeded).append("\t");
- sb.append("ugi=").append(userName).append("\t");
- sb.append("ip=").append(addr).append("\t");
- sb.append("cmd=").append(cmd).append("\t");
- sb.append("src=").append(src).append("\t");
- sb.append("dst=").append(dst).append("\t");
- if (null == status) {
- sb.append("perm=null");
- } else {
- sb.append("perm=");
- sb.append(status.getOwner()).append(":");
- sb.append(status.getGroup()).append(":");
- sb.append(status.getPermission());
- }
- auditLog.info(sb);
- }
- }
-
- }
-
}
Modified: hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml?rev=1415797&r1=1415796&r2=1415797&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml (original)
+++ hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml Fri Nov 30 19:19:01 2012
@@ -1184,17 +1184,4 @@
</description>
</property>
-<property>
- <name>dfs.namenode.audit.loggers</name>
- <value>default</value>
- <description>
- List of classes implementing audit loggers that will receive audit events.
- These should be implementations of org.apache.hadoop.hdfs.server.namenode.AuditLogger.
- The special value "default" can be used to reference the default audit
- logger, which uses the configured log system. Installing custom audit loggers
- may affect the performance and stability of the NameNode. Refer to the custom
- logger's documentation for more details.
- </description>
-</property>
-
</configuration>