You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by we...@apache.org on 2019/08/13 23:51:26 UTC
[hadoop] branch trunk updated: HDFS-14625. Make DefaultAuditLogger
class in FSnamesystem to Abstract. Contributed by hemanthboyina.
This is an automated email from the ASF dual-hosted git repository.
weichiu pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new 633b7c1 HDFS-14625. Make DefaultAuditLogger class in FSnamesystem to Abstract. Contributed by hemanthboyina.
633b7c1 is described below
commit 633b7c1cfecde6166899449efae6326ee03cd8c4
Author: Wei-Chiu Chuang <we...@apache.org>
AuthorDate: Tue Aug 13 16:50:49 2019 -0700
HDFS-14625. Make DefaultAuditLogger class in FSnamesystem to Abstract. Contributed by hemanthboyina.
---
.../hdfs/server/namenode/DefaultAuditLogger.java | 93 ++++++++++++++++++++++
.../hadoop/hdfs/server/namenode/FSNamesystem.java | 48 ++---------
.../hdfs/server/namenode/TestAuditLogAtDebug.java | 4 +-
.../hdfs/server/namenode/TestFSNamesystem.java | 13 +--
4 files changed, 109 insertions(+), 49 deletions(-)
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/DefaultAuditLogger.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/DefaultAuditLogger.java
new file mode 100644
index 0000000..9ac0bec
--- /dev/null
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/DefaultAuditLogger.java
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hdfs.server.namenode;
+
+import java.net.InetAddress;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.FileStatus;
+import org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenSecretManager;
+import org.apache.hadoop.ipc.CallerContext;
+import org.apache.hadoop.security.UserGroupInformation;
+
+/**
+ * This class provides an interface for Namenode and Router to Audit events
+ * information. This class can be extended and can be used when no access logger
+ * is defined in the config file.
+ */
+@InterfaceAudience.Public
+@InterfaceStability.Evolving
+public abstract class DefaultAuditLogger extends HdfsAuditLogger {
+ protected static final ThreadLocal<StringBuilder> STRING_BUILDER =
+ new ThreadLocal<StringBuilder>() {
+ @Override
+ protected StringBuilder initialValue() {
+ return new StringBuilder();
+ }
+ };
+
+ protected volatile boolean isCallerContextEnabled;
+
+ /** The maximum bytes a caller context string can have. */
+ protected int callerContextMaxLen;
+ protected int callerSignatureMaxLen;
+
+ /** adds a tracking ID for all audit log events. */
+ protected boolean logTokenTrackingId;
+
+ /** List of commands to provide debug messages. */
+ protected Set<String> debugCmdSet = new HashSet<>();
+
+ /**
+ * Enable or disable CallerContext.
+ *
+ * @param value true, enable CallerContext, otherwise false to disable it.
+ */
+ void setCallerContextEnabled(final boolean value) {
+ isCallerContextEnabled = value;
+ }
+
+ /**
+ * Get the value indicating if CallerContext is enabled.
+ *
+ * @return true, if CallerContext is enabled, otherwise false, if it's
+ * disabled.
+ */
+ boolean getCallerContextEnabled() {
+ return isCallerContextEnabled;
+ }
+
+ public abstract void initialize(Configuration conf);
+
+ public abstract void logAuditMessage(String message);
+
+ public abstract void logAuditEvent(boolean succeeded, String userName,
+ InetAddress addr, String cmd, String src, String dst, FileStatus status,
+ UserGroupInformation ugi, DelegationTokenSecretManager dtSecretManager);
+
+ public abstract void logAuditEvent(boolean succeeded, String userName,
+ InetAddress addr, String cmd, String src, String dst, FileStatus status,
+ CallerContext callerContext, UserGroupInformation ugi,
+ DelegationTokenSecretManager dtSecretManager);
+
+}
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
index e340326..58fb934 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
@@ -1061,7 +1061,7 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
try {
AuditLogger logger;
if (DFS_NAMENODE_DEFAULT_AUDIT_LOGGER_NAME.equals(className)) {
- logger = new DefaultAuditLogger();
+ logger = new FSNamesystemAuditLogger();
} else {
logger = (AuditLogger) Class.forName(className).newInstance();
}
@@ -1077,9 +1077,9 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
// Make sure there is at least one logger installed.
if (auditLoggers.isEmpty()) {
- DefaultAuditLogger defaultAuditLogger = new DefaultAuditLogger();
- defaultAuditLogger.initialize(conf);
- auditLoggers.add(defaultAuditLogger);
+ FSNamesystemAuditLogger fsNamesystemAuditLogger = new FSNamesystemAuditLogger();
+ fsNamesystemAuditLogger.initialize(conf);
+ auditLoggers.add(fsNamesystemAuditLogger);
}
// Add audit logger to calculate top users
@@ -7976,46 +7976,12 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
}
/**
- * Default AuditLogger implementation; used when no access logger is
- * defined in the config file. It can also be explicitly listed in the
+ * FSNamesystem Default AuditLogger implementation;used when no access logger
+ * is defined in the config file. It can also be explicitly listed in the
* config file.
*/
@VisibleForTesting
- static class DefaultAuditLogger extends HdfsAuditLogger {
- private static final ThreadLocal<StringBuilder> STRING_BUILDER =
- new ThreadLocal<StringBuilder>() {
- @Override
- protected StringBuilder initialValue() {
- return new StringBuilder();
- }
- };
-
- private volatile boolean isCallerContextEnabled;
- private int callerContextMaxLen;
- private int callerSignatureMaxLen;
-
- private boolean logTokenTrackingId;
- private Set<String> debugCmdSet = new HashSet<String>();
-
- /**
- * Enable or disable CallerContext.
- *
- * @param value
- * true, enable CallerContext, otherwise false to disable it.
- */
- void setCallerContextEnabled(final boolean value) {
- isCallerContextEnabled = value;
- }
-
- /**
- * Get the value indicating if CallerContext is enabled.
- *
- * @return true, if CallerContext is enabled, otherwise false, if it's
- * disabled.
- */
- boolean getCallerContextEnabled() {
- return isCallerContextEnabled;
- }
+ static class FSNamesystemAuditLogger extends DefaultAuditLogger {
@Override
public void initialize(Configuration conf) {
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogAtDebug.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogAtDebug.java
index 62da809b..eb3f7ab 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogAtDebug.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogAtDebug.java
@@ -24,7 +24,7 @@ import org.slf4j.LoggerFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.HdfsConfiguration;
-import org.apache.hadoop.hdfs.server.namenode.FSNamesystem.DefaultAuditLogger;
+import org.apache.hadoop.hdfs.server.namenode.FSNamesystem.FSNamesystemAuditLogger;
import org.apache.hadoop.test.GenericTestUtils;
import org.apache.log4j.Level;
import org.junit.Rule;
@@ -54,7 +54,7 @@ public class TestAuditLogAtDebug {
private DefaultAuditLogger makeSpyLogger(
Level level, Optional<List<String>> debugCommands) {
- DefaultAuditLogger logger = new DefaultAuditLogger();
+ DefaultAuditLogger logger = new FSNamesystemAuditLogger();
Configuration conf = new HdfsConfiguration();
if (debugCommands.isPresent()) {
conf.set(DFSConfigKeys.DFS_NAMENODE_AUDIT_LOG_DEBUG_CMDLIST,
diff --git a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSNamesystem.java b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSNamesystem.java
index 18cd1b6..33067f7 100644
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSNamesystem.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSNamesystem.java
@@ -247,9 +247,10 @@ public class TestFSNamesystem {
fsn = new FSNamesystem(conf, fsImage);
auditLoggers = fsn.getAuditLoggers();
assertTrue(auditLoggers.size() == 1);
- assertTrue(auditLoggers.get(0) instanceof FSNamesystem.DefaultAuditLogger);
- FSNamesystem.DefaultAuditLogger defaultAuditLogger =
- (FSNamesystem.DefaultAuditLogger) auditLoggers.get(0);
+ assertTrue(
+ auditLoggers.get(0) instanceof FSNamesystem.FSNamesystemAuditLogger);
+ FSNamesystem.FSNamesystemAuditLogger defaultAuditLogger =
+ (FSNamesystem.FSNamesystemAuditLogger) auditLoggers.get(0);
assertTrue(defaultAuditLogger.getCallerContextEnabled());
// Not to specify any audit loggers in config
@@ -262,7 +263,7 @@ public class TestFSNamesystem {
// the audit loggers order is not defined
for (AuditLogger auditLogger : auditLoggers) {
assertThat(auditLogger,
- either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+ either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
.or(instanceOf(TopAuditLogger.class)));
}
@@ -275,7 +276,7 @@ public class TestFSNamesystem {
assertTrue(auditLoggers.size() == 2);
for (AuditLogger auditLogger : auditLoggers) {
assertThat(auditLogger,
- either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+ either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
.or(instanceOf(TopAuditLogger.class)));
}
@@ -289,7 +290,7 @@ public class TestFSNamesystem {
assertTrue(auditLoggers.size() == 3);
for (AuditLogger auditLogger : auditLoggers) {
assertThat(auditLogger,
- either(instanceOf(FSNamesystem.DefaultAuditLogger.class))
+ either(instanceOf(FSNamesystem.FSNamesystemAuditLogger.class))
.or(instanceOf(TopAuditLogger.class))
.or(instanceOf(DummyAuditLogger.class)));
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org