You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kudu.apache.org by jd...@apache.org on 2017/02/17 17:46:46 UTC

[2/3] kudu git commit: Tag kerberos_principal flag as unsafe

Tag kerberos_principal flag as unsafe

See the new comment and KUDU-1884 for rationale.

Change-Id: I6b296265c9a62a2908222d28903a47ea31719db2
Reviewed-on: http://gerrit.cloudera.org:8080/6036
Tested-by: Kudu Jenkins
Reviewed-by: Todd Lipcon <to...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/kudu/repo
Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/de699327
Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/de699327
Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/de699327

Branch: refs/heads/master
Commit: de69932749e33663bb8d49db5a4d2f3fc74bbbaf
Parents: 866287c
Author: Todd Lipcon <to...@apache.org>
Authored: Wed Feb 15 23:42:00 2017 -0800
Committer: Todd Lipcon <to...@apache.org>
Committed: Fri Feb 17 17:41:42 2017 +0000

----------------------------------------------------------------------
 src/kudu/security/init.cc | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kudu/blob/de699327/src/kudu/security/init.cc
----------------------------------------------------------------------
diff --git a/src/kudu/security/init.cc b/src/kudu/security/init.cc
index b5e2e41..7e21d89 100644
--- a/src/kudu/security/init.cc
+++ b/src/kudu/security/init.cc
@@ -37,10 +37,11 @@ DEFINE_string(kerberos_principal, "kudu/_HOST",
               "Kerberos principal that this daemon will log in as. The special token "
               "_HOST will be replaced with the FQDN of the local host.");
 TAG_FLAG(kerberos_principal, experimental);
-
-// TODO(todd): this currently only affects the keytab login which is used
-// for client credentials, but doesn't affect the SASL server code path.
-// We probably need to plumb the same configuration into the RPC code.
+// This is currently tagged as unsafe because there is no way for users to configure
+// clients to expect a non-default principal. As such, configuring a server to login
+// as a different one would end up with a cluster that can't be connected to.
+// See KUDU-1884.
+TAG_FLAG(kerberos_principal, unsafe);
 
 using std::mt19937;
 using std::random_device;