You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mapreduce-commits@hadoop.apache.org by el...@apache.org on 2011/05/14 00:06:37 UTC

svn commit: r1102908 - in /hadoop/mapreduce/trunk: CHANGES.txt src/c++/task-controller/main.c

Author: eli
Date: Fri May 13 22:06:36 2011
New Revision: 1102908

URL: http://svn.apache.org/viewvc?rev=1102908&view=rev
Log:
MAPREDUCE-2103. task-controller shouldn't require o-r permissions. Contributed by Todd Lipcon

Modified:
    hadoop/mapreduce/trunk/CHANGES.txt
    hadoop/mapreduce/trunk/src/c++/task-controller/main.c

Modified: hadoop/mapreduce/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/CHANGES.txt?rev=1102908&r1=1102907&r2=1102908&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/CHANGES.txt (original)
+++ hadoop/mapreduce/trunk/CHANGES.txt Fri May 13 22:06:36 2011
@@ -382,6 +382,9 @@ Release 0.22.0 - Unreleased
     MAPREDUCE-2222. Ivy resolve force mode should be turned off by default.
     (Luke Lu via tomwhite)
 
+    MAPREDUCE-2103. task-controller shouldn't require o-r permissions.
+    (todd via eli)
+
   OPTIMIZATIONS
 
     MAPREDUCE-1354. Enhancements to JobTracker for better performance and

Modified: hadoop/mapreduce/trunk/src/c++/task-controller/main.c
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/c%2B%2B/task-controller/main.c?rev=1102908&r1=1102907&r2=1102908&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/c++/task-controller/main.c (original)
+++ hadoop/mapreduce/trunk/src/c++/task-controller/main.c Fri May 13 22:06:36 2011
@@ -49,8 +49,8 @@ void display_usage(FILE *stream) {
  * promisable. For this, we need task-controller binary to
  *    * be user-owned by root
  *    * be group-owned by a configured special group.
- *    * others do not have any permissions
- *    * be setuid/setgid
+ *    * others do not have write or execute permissions
+ *    * be setuid
  */
 int check_taskcontroller_permissions(char *executable_file) {
 
@@ -99,19 +99,18 @@ int check_taskcontroller_permissions(cha
     return -1;
   }
   
-  // check others do not have read/write/execute permissions
-  if ((filestat.st_mode & S_IROTH) == S_IROTH || (filestat.st_mode & S_IWOTH)
-      == S_IWOTH || (filestat.st_mode & S_IXOTH) == S_IXOTH) {
+  // check others do not have write/execute permissions
+  if ((filestat.st_mode & S_IWOTH) == S_IWOTH ||
+      (filestat.st_mode & S_IXOTH) == S_IXOTH) {
     fprintf(LOGFILE,
-      "The task-controller binary should not have read or write or execute for others.\n");
+      "The task-controller binary should not have write or execute for others.\n");
     return -1;
   }
 
-  // Binary should be setuid/setgid executable
-  if ((filestat.st_mode & S_ISUID) != S_ISUID || (filestat.st_mode & S_ISGID)
-      != S_ISGID) {
-    fprintf(LOGFILE,
-        "The task-controller binary should be set setuid and setgid bits.\n");
+  // Binary should be setuid executable
+  if ((filestat.st_mode & S_ISUID) != S_ISUID) {
+     fprintf(LOGFILE,
+        "The task-controller binary should be set setuid.\n");
     return -1;
   }