You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Stephen Chu (JIRA)" <ji...@apache.org> on 2013/11/07 01:26:19 UTC

[jira] [Created] (HDFS-5471) CacheAdmin -listPools fails when pools exist that user does not have permissions to

Stephen Chu created HDFS-5471:
---------------------------------

             Summary: CacheAdmin -listPools fails when pools exist that user does not have permissions to
                 Key: HDFS-5471
                 URL: https://issues.apache.org/jira/browse/HDFS-5471
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: tools
    Affects Versions: 3.0.0
            Reporter: Stephen Chu


When a user does not have read permissions to a cache pool and executes "hdfs cacheadmin -listPools" the command will error complaining about missing required fields with something like:

{code}
[schu@hdfs-nfs ~]$ hdfs cacheadmin -listPools
Exception in thread "main" org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.ipc.RemoteException): Message missing required fields: ownerName, groupName, mode, weight
	at com.google.protobuf.AbstractMessage$Builder.newUninitializedMessageException(AbstractMessage.java:770)
	at org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos$ListCachePoolsResponseElementProto$Builder.build(ClientNamenodeProtocolProtos.java:51722)
	at org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolServerSideTranslatorPB.listCachePools(ClientNamenodeProtocolServerSideTranslatorPB.java:1200)
	at org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos$ClientNamenodeProtocol$2.callBlockingMethod(ClientNamenodeProtocolProtos.java)
	at org.apache.hadoop.ipc.ProtobufRpcEngine$Server$ProtoBufRpcInvoker.call(ProtobufRpcEngine.java:605)
	at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:932)
	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2057)
	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2053)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:396)
	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1515)
	at org.apache.hadoop.ipc.Server$Handler.run(Server.java:2051)

	at org.apache.hadoop.hdfs.tools.CacheAdmin$ListCachePoolsCommand.run(CacheAdmin.java:675)
	at org.apache.hadoop.hdfs.tools.CacheAdmin.run(CacheAdmin.java:85)
	at org.apache.hadoop.hdfs.tools.CacheAdmin.main(CacheAdmin.java:90)
[schu@hdfs-nfs ~]$ 
{code}

In this example, the pool "root" has 750 permissions, and the root superuser is able to successfully -listPools:

{code}
[root@hdfs-nfs ~]# hdfs cacheadmin -listPools
Found 4 results.
NAME  OWNER  GROUP  MODE       WEIGHT 
bar   root   root   rwxr-xr-x  100    
foo   root   root   rwxr-xr-x  100    
root  root   root   rwxr-x---  100    
schu  root   root   rwxr-xr-x  100    
[root@hdfs-nfs ~]# 
{code}


When we modify the root pool to mode 755, schu user can now -listPools successfully without error.

{code}
[schu@hdfs-nfs ~]$ hdfs cacheadmin -listPools
Found 4 results.
NAME  OWNER  GROUP  MODE       WEIGHT 
bar   root   root   rwxr-xr-x  100    
foo   root   root   rwxr-xr-x  100    
root  root   root   rwxr-xr-x  100    
schu  root   root   rwxr-xr-x  100    
[schu@hdfs-nfs ~]$ 
{code}



--
This message was sent by Atlassian JIRA
(v6.1#6144)