You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Kai Sasaki (JIRA)" <ji...@apache.org> on 2015/06/18 10:32:00 UTC
[jira] [Created] (HADOOP-12102) Add option to list up allowed hosts
that can do any operation as generic ACL.
Kai Sasaki created HADOOP-12102:
-----------------------------------
Summary: Add option to list up allowed hosts that can do any operation as generic ACL.
Key: HADOOP-12102
URL: https://issues.apache.org/jira/browse/HADOOP-12102
Project: Hadoop Common
Issue Type: Improvement
Affects Versions: 2.7.0
Reporter: Kai Sasaki
Assignee: Kai Sasaki
Priority: Minor
Current NameNode receives all operations through client protocol from any hosts.
However, some critical operations such as format should be restricted with not only Kerberos authentication but also with host names in order to prevent us from formatting NameNode by mistake. It is better to add option to write some allowed hosts which can do any operations to NameNode.
Although originally this is about HDFS daemons, this feature should be implemented as one of generic ACL.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)