You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Kai Sasaki (JIRA)" <ji...@apache.org> on 2015/06/18 10:32:00 UTC

[jira] [Created] (HADOOP-12102) Add option to list up allowed hosts that can do any operation as generic ACL.

Kai Sasaki created HADOOP-12102:
-----------------------------------

             Summary: Add option to list up allowed hosts that can do any operation as generic ACL.
                 Key: HADOOP-12102
                 URL: https://issues.apache.org/jira/browse/HADOOP-12102
             Project: Hadoop Common
          Issue Type: Improvement
    Affects Versions: 2.7.0
            Reporter: Kai Sasaki
            Assignee: Kai Sasaki
            Priority: Minor


Current NameNode receives all operations through client protocol from any hosts.
However, some critical operations such as format should be restricted with not only Kerberos authentication but also with host names in order to prevent us from formatting NameNode by mistake. It is better to add option to write some allowed hosts which can do any operations to NameNode.

Although originally this is about HDFS daemons, this feature should be implemented as one of generic ACL.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)