HADOOP-6590. Add a username check for hadoop sub-commands (John Smith via aw)

2014-12-10 13:41:28 -08:00 · 2014-12-10 13:41:28 -08:00 · c536142699
parent a7c6c710b2
commit c536142699
7 changed files with 28 additions and 0 deletions
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@ -25,6 +25,8 @@ Trunk (Unreleased)
    Mike Liddell, Chuan Liu, Lengning Liu, Ivan Mitic, Michael Rys,
    Alexander Stojanovich, Brian Swan, and Min Wei via cnauroth)

+    HADOOP-6590. Add a username check for hadoop sub-commands (John Smith via aw)
+    
  IMPROVEMENTS

    HADOOP-8017. Configure hadoop-main pom to get rid of M2E plugin execution
--- a/hadoop-common-project/hadoop-common/src/main/bin/hadoop
+++ b/hadoop-common-project/hadoop-common/src/main/bin/hadoop
@ -179,6 +179,8 @@ case ${COMMAND} in
  ;;
 esac

+hadoop_verify_user "${COMMAND}"
+
 # Always respect HADOOP_OPTS and HADOOP_CLIENT_OPTS
 hadoop_debug "Appending HADOOP_CLIENT_OPTS onto HADOOP_OPTS"
 HADOOP_OPTS="${HADOOP_OPTS} ${HADOOP_CLIENT_OPTS}"
--- a/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
+++ b/hadoop-common-project/hadoop-common/src/main/bin/hadoop-functions.sh
@ -1154,3 +1154,15 @@ function hadoop_secure_daemon_handler
  esac
 }

+function hadoop_verify_user
+{
+  local command=$1
+  local uservar="HADOOP_${command}_USER"
+
+  if [[ -n ${!uservar} ]]; then
+    if [[ ${!uservar} !=  ${USER} ]]; then
+      hadoop_error "ERROR: ${command} can only be executed by ${!uservar}."
+      exit 1
+    fi
+  fi
+}
--- a/hadoop-common-project/hadoop-common/src/main/conf/hadoop-env.sh
+++ b/hadoop-common-project/hadoop-common/src/main/conf/hadoop-env.sh
@ -398,3 +398,9 @@ esac
 # via this special env var:
 # export HADOOP_ENABLE_BUILD_PATHS="true"

+#
+# To prevent accidents, shell commands be (superficially) locked
+# to only allow certain users to execute certain subcommands.
+#
+# For example, to limit who can execute the namenode command,
+# export HADOOP_namenode_USER=hdfs
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/bin/hdfs
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/bin/hdfs
@ -247,6 +247,8 @@ case ${COMMAND} in
  ;;
 esac

+hadoop_verify_user "${COMMAND}"
+
 if [[ -n "${secure_service}" ]]; then
  HADOOP_SECURE_USER="${secure_user}"
  hadoop_verify_secure_prereq
--- a/hadoop-mapreduce-project/bin/mapred
+++ b/hadoop-mapreduce-project/bin/mapred
@ -135,6 +135,8 @@ case ${COMMAND} in
  ;;
 esac

+hadoop_verify_user "${COMMAND}"
+
 daemon_outfile="${HADOOP_LOG_DIR}/hadoop-${HADOOP_IDENT_STRING}-${COMMAND}-${HOSTNAME}.out"
 daemon_pidfile="${HADOOP_PID_DIR}/hadoop-${HADOOP_IDENT_STRING}-${COMMAND}.pid"

--- a/hadoop-yarn-project/hadoop-yarn/bin/yarn
+++ b/hadoop-yarn-project/hadoop-yarn/bin/yarn
@ -184,6 +184,8 @@ case "${COMMAND}" in
  ;;
 esac

+hadoop_verify_user "${COMMAND}"
+
 # set HADOOP_OPTS to YARN_OPTS so that we can use
 # finalize, etc, without doing anything funky
 hadoop_debug "Resetting HADOOP_OPTS=YARN_OPTS"