You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-dev@hadoop.apache.org by "Koji Noguchi (JIRA)" <ji...@apache.org> on 2008/09/25 00:43:44 UTC
[jira] Created: (HADOOP-4268) Permission checking in fsck
Permission checking in fsck
---------------------------
Key: HADOOP-4268
URL: https://issues.apache.org/jira/browse/HADOOP-4268
Project: Hadoop Core
Issue Type: New Feature
Components: dfs
Affects Versions: 0.17.2
Reporter: Koji Noguchi
Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Attachment: 4268_20081218b.patch
4268_20081218b.patch: added a test.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12661018#action_12661018 ]
Tsz Wo (Nicholas), SZE commented on HADOOP-4268:
------------------------------------------------
It passed all tests locally, except for a un-related test TestMapReduceLocal. See HADOOP-4907.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Assignee: Tsz Wo (Nicholas), SZE
> Fix For: 0.21.0
>
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Fix Version/s: 0.21.0
Assignee: Tsz Wo (Nicholas), SZE
Release Note: Add permission checking on fsck. Before the changes, fsck invokes NameNode internal methods directly. So that any user can run fsck on any path, even for the path they do not have permission to access the files. After the changes, fsck invokes the ClientProtocol methods. Then the corresponding permission requirement for running the ClientProtocol methods will be enforced.
Hadoop Flags: [Incompatible change, Reviewed]
Status: Patch Available (was: Open)
{noformat}
[exec] +1 overall.
[exec]
[exec] +1 @author. The patch does not contain any @author tags.
[exec]
[exec] +1 tests included. The patch appears to include 6 new or modified tests.
[exec]
[exec] +1 javadoc. The javadoc tool did not generate any warning messages.
[exec]
[exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
[exec]
[exec] +1 findbugs. The patch does not introduce any new Findbugs warnings.
[exec]
[exec] +1 Eclipse classpath. The patch retains Eclipse classpath integrity.
{noformat}
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Assignee: Tsz Wo (Nicholas), SZE
> Fix For: 0.21.0
>
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Attachment: 4268_20081230.patch
4268_20081230.patch: moved the new unit test to TestFsck.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Attachment: 4268_20081217.patch
4268_20081217.patch: check permissions for fsck
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-4268) Permission checking in fsck
Posted by "Konstantin Shvachko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12660945#action_12660945 ]
Konstantin Shvachko commented on HADOOP-4268:
---------------------------------------------
+1. This looks good to me.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-4268) Permission checking in fsck
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12661266#action_12661266 ]
Hudson commented on HADOOP-4268:
--------------------------------
Integrated in Hadoop-trunk #708 (See [http://hudson.zones.apache.org/hudson/job/Hadoop-trunk/708/])
. Change fsck to use ClientProtocol methods for enforcing permissions. (szetszwo)
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Assignee: Tsz Wo (Nicholas), SZE
> Fix For: 0.21.0
>
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (HADOOP-4268) Permission checking in fsck
Posted by "Konstantin Shvachko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12659158#action_12659158 ]
Konstantin Shvachko commented on HADOOP-4268:
---------------------------------------------
# NamenodeFsck constructor has new parameters, which can be obtained from the {{NameNode nn}} parameter during the construction. Why do you need the new parameters?
# I do not understand the reason for factoring out {{TestDFSck}} into a separate class especially if it is in a separate package.
I would rather place both methods from {{TestDFSck}} back into {{TestFsck}}.
# I don't think introduction of a new package is justified in the case.
# In any case {{TestDFSck}}, {{runDFSck}} anything with DFS are bad names, we should use HDFS or nothing.
# {{testPermission()}} should have a Javadoc explaining what the test tests and how.
So that one could see it from the description without going through the code.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Resolution: Fixed
Hadoop Flags: [Incompatible change, Reviewed] (was: [Reviewed, Incompatible change])
Status: Resolved (was: Patch Available)
I just committed this.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Assignee: Tsz Wo (Nicholas), SZE
> Fix For: 0.21.0
>
> Attachments: 4268_20081217.patch, 4268_20081218.patch, 4268_20081218b.patch, 4268_20081230.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (HADOOP-4268) Permission checking in fsck
Posted by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HADOOP-4268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tsz Wo (Nicholas), SZE updated HADOOP-4268:
-------------------------------------------
Attachment: 4268_20081218.patch
4268_20081218.patch: forgot to change DFSck in my previous patch. It temporarily includes the codes in HADOOP-4896. Tested this manually.
> Permission checking in fsck
> ---------------------------
>
> Key: HADOOP-4268
> URL: https://issues.apache.org/jira/browse/HADOOP-4268
> Project: Hadoop Core
> Issue Type: New Feature
> Components: dfs
> Affects Versions: 0.17.2
> Reporter: Koji Noguchi
> Attachments: 4268_20081217.patch, 4268_20081218.patch
>
>
> Quoting from HADOOP-3222 ("fsck should require superuser privilege"),
> bq. I agree that it makes sense to make fsck do permission checking for the nodes that it traverses. If a user does a fsck on files/directories that he/she has access to (using permissions) then that invocation of fsck should be allowed. Since "/" is usually owned by super-user, only super-user should be allowed to run fsck on "/".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.