You are viewing a plain text version of this content. The canonical link for it is here.

Posted to hdfs-dev@hadoop.apache.org by "Ahad Rana (JIRA)" <ji...@apache.org> on 2012/10/12 02:45:02 UTC

[jira] [Created] (HDFS-4043) Namenode Kerberos Login does not use proper hostname for host qualified hdfs principal name.

Ahad Rana created HDFS-4043:
-------------------------------

             Summary: Namenode Kerberos Login does not use proper hostname for host qualified hdfs principal name.
                 Key: HDFS-4043
                 URL: https://issues.apache.org/jira/browse/HDFS-4043
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: security
    Affects Versions: 2.0.2-alpha, 2.0.1-alpha, 2.0.0-alpha, 2.0.3-alpha
         Environment: CDH4U1 on Ubuntu 12.04
            Reporter: Ahad Rana


The Namenode uses the loginAsNameNodeUser method in NameNode.java to login using the hdfs principal. This method in turn invokes SecurityUtil.login with a hostname (last parameter) obtained via a call to InetAddress.getHostName. This call does not always return the fully qualified host name, and thus causes the namenode to login to fail due to kerberos's inability to find a matching hdfs principal in the hdfs.keytab file. Instead it should use InetAddress.getCanonicalHostName. This is consistent with what is used internally by SecurityUtil.java to login in other services, such as the DataNode. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira