You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-commits@hadoop.apache.org by st...@apache.org on 2023/02/17 16:30:53 UTC

[hadoop] branch trunk updated: HADOOP-18627. Add stronger wording in 'secure mode' introduction (#5406)

This is an automated email from the ASF dual-hosted git repository.

stevel pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 02fd87a4d8d HADOOP-18627. Add stronger wording in 'secure mode' introduction (#5406)
02fd87a4d8d is described below

commit 02fd87a4d8d18304d4bda147367cf5497622e75e
Author: Arnout Engelen <ar...@engelen.eu>
AuthorDate: Fri Feb 17 17:30:41 2023 +0100

    HADOOP-18627. Add stronger wording in 'secure mode' introduction (#5406)
    
    
    Make it more clear that when deploying Hadoop 'secure mode' is generally not optional.
    
    Contributed by Arnout Engelen
---
 hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md b/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
index 98c3dd2bbb9..4ef2cd9291a 100644
--- a/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
+++ b/hadoop-common-project/hadoop-common/src/site/markdown/SecureMode.md
@@ -20,7 +20,9 @@ Hadoop in Secure Mode
 Introduction
 ------------
 
-This document describes how to configure authentication for Hadoop in secure mode. When Hadoop is configured to run in secure mode, each Hadoop service and each user must be authenticated by Kerberos.
+In its default configuration, we expect you to make sure attackers don't have access to your Hadoop cluster by restricting all network access. If you want any restrictions on who can remotely access data or submit work, you MUST secure authentication and access for your Hadoop cluster as described in this document.
+
+When Hadoop is configured to run in secure mode, each Hadoop service and each user must be authenticated by Kerberos.
 
 Forward and reverse host lookup for all service hosts must be configured correctly to allow services to authenticate with each other. Host lookups may be configured using either DNS or `/etc/hosts` files. Working knowledge of Kerberos and DNS is recommended before attempting to configure Hadoop services in Secure Mode.
 


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org