You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Harsh J (JIRA)" <ji...@apache.org> on 2015/09/25 22:32:04 UTC
[jira] [Resolved] (HDFS-6674)
UserGroupInformation.loginUserFromKeytab will hang forever if keytab file
length is less than 6 byte.
[ https://issues.apache.org/jira/browse/HDFS-6674?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Harsh J resolved HDFS-6674.
---------------------------
Resolution: Invalid
The hang, if still valid, seems to result as an outcome of the underlying Java libraries being at fault. There's not anything HDFS can control about this, and this bug instead needs to be reported to the Oracle/OpenJDK communities with a test case.
> UserGroupInformation.loginUserFromKeytab will hang forever if keytab file length is less than 6 byte.
> ------------------------------------------------------------------------------------------------------
>
> Key: HDFS-6674
> URL: https://issues.apache.org/jira/browse/HDFS-6674
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: security
> Affects Versions: 2.0.1-alpha
> Reporter: liuyang
> Priority: Minor
>
> The jstack is as follows:
> java.lang.Thread.State: RUNNABLE
> at java.io.FileInputStream.available(Native Method)
> at java.io.BufferedInputStream.available(BufferedInputStream.java:399)
> - locked <0x0000000745585330> (a sun.security.krb5.internal.ktab.KeyTabInputStream)
> at sun.security.krb5.internal.ktab.KeyTab.load(KeyTab.java:257)
> at sun.security.krb5.internal.ktab.KeyTab.<init>(KeyTab.java:97)
> at sun.security.krb5.internal.ktab.KeyTab.getInstance0(KeyTab.java:124)
> - locked <0x0000000745586560> (a java.lang.Class for sun.security.krb5.internal.ktab.KeyTab)
> at sun.security.krb5.internal.ktab.KeyTab.getInstance(KeyTab.java:157)
> at javax.security.auth.kerberos.KeyTab.takeSnapshot(KeyTab.java:119)
> at javax.security.auth.kerberos.KeyTab.getEncryptionKeys(KeyTab.java:192)
> at javax.security.auth.kerberos.JavaxSecurityAuthKerberosAccessImpl.keyTabGetEncryptionKeys(JavaxSecurityAuthKerberosAccessImpl.java:36)
> at sun.security.jgss.krb5.Krb5Util.keysFromJavaxKeyTab(Krb5Util.java:381)
> at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:701)
> at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
> at javax.security.auth.login.LoginContext$5.run(LoginContext.java:721)
> at javax.security.auth.login.LoginContext$5.run(LoginContext.java:719)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:718)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:590)
> at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:679)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)