HADOOP-6644. util.Shell getGROUPS_FOR_USER_COMMAND method name - should use common naming convention
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@948528 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
a7aacdc2d6
commit
e346c2f4e0
|
@ -3,6 +3,9 @@ Hadoop Change Log
|
||||||
Trunk (unreleased changes)
|
Trunk (unreleased changes)
|
||||||
|
|
||||||
IMPROVEMENTS
|
IMPROVEMENTS
|
||||||
|
HADOOP-6644. util.Shell getGROUPS_FOR_USER_COMMAND method name
|
||||||
|
- should use common naming convention (boryas)
|
||||||
|
|
||||||
HADOOP-6778. add isRunning() method to
|
HADOOP-6778. add isRunning() method to
|
||||||
AbstractDelegationTokenSecretManager (for HDFS-1044) (boryas)
|
AbstractDelegationTokenSecretManager (for HDFS-1044) (boryas)
|
||||||
|
|
||||||
|
|
|
@ -60,7 +60,7 @@ public class ShellBasedUnixGroupsMapping implements GroupMappingServiceProvider
|
||||||
private static List<String> getUnixGroups(final String user) throws IOException {
|
private static List<String> getUnixGroups(final String user) throws IOException {
|
||||||
String result = "";
|
String result = "";
|
||||||
try {
|
try {
|
||||||
result = Shell.execCommand(Shell.getGROUPS_FOR_USER_COMMAND(user));
|
result = Shell.execCommand(Shell.getGroupsForUserCommand(user));
|
||||||
} catch (ExitCodeException e) {
|
} catch (ExitCodeException e) {
|
||||||
// if we didn't get the group - just return empty list;
|
// if we didn't get the group - just return empty list;
|
||||||
LOG.warn("got exception trying to get groups for user " + user, e);
|
LOG.warn("got exception trying to get groups for user " + user, e);
|
||||||
|
|
|
@ -48,7 +48,7 @@ public class ServiceAuthorizationManager {
|
||||||
public static final String SERVICE_AUTHORIZATION_CONFIG =
|
public static final String SERVICE_AUTHORIZATION_CONFIG =
|
||||||
"hadoop.security.authorization";
|
"hadoop.security.authorization";
|
||||||
|
|
||||||
public static final Log auditLOG =
|
public static final Log AUDITLOG =
|
||||||
LogFactory.getLog("SecurityLogger."+ServiceAuthorizationManager.class.getName());
|
LogFactory.getLog("SecurityLogger."+ServiceAuthorizationManager.class.getName());
|
||||||
|
|
||||||
private static final String AUTHZ_SUCCESSFULL_FOR = "Authorization successfull for ";
|
private static final String AUTHZ_SUCCESSFULL_FOR = "Authorization successfull for ";
|
||||||
|
@ -83,12 +83,12 @@ public class ServiceAuthorizationManager {
|
||||||
}
|
}
|
||||||
if((clientPrincipal != null && !clientPrincipal.equals(user.getUserName())) ||
|
if((clientPrincipal != null && !clientPrincipal.equals(user.getUserName())) ||
|
||||||
!acl.isUserAllowed(user)) {
|
!acl.isUserAllowed(user)) {
|
||||||
auditLOG.warn(AUTHZ_FAILED_FOR + user + " for protocol="+protocol);
|
AUDITLOG.warn(AUTHZ_FAILED_FOR + user + " for protocol="+protocol);
|
||||||
throw new AuthorizationException("User " + user +
|
throw new AuthorizationException("User " + user +
|
||||||
" is not authorized for protocol " +
|
" is not authorized for protocol " +
|
||||||
protocol);
|
protocol);
|
||||||
}
|
}
|
||||||
auditLOG.info(AUTHZ_SUCCESSFULL_FOR + user + " for protocol="+protocol);
|
AUDITLOG.info(AUTHZ_SUCCESSFULL_FOR + user + " for protocol="+protocol);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static synchronized void refresh(Configuration conf,
|
public static synchronized void refresh(Configuration conf,
|
||||||
|
|
|
@ -44,11 +44,11 @@ abstract public class Shell {
|
||||||
/** a Unix command to get the current user's name */
|
/** a Unix command to get the current user's name */
|
||||||
public final static String USER_NAME_COMMAND = "whoami";
|
public final static String USER_NAME_COMMAND = "whoami";
|
||||||
/** a Unix command to get the current user's groups list */
|
/** a Unix command to get the current user's groups list */
|
||||||
public static String[] getGROUPS_COMMAND() {
|
public static String[] getGroupsCommand() {
|
||||||
return new String[]{"bash", "-c", "groups"};
|
return new String[]{"bash", "-c", "groups"};
|
||||||
}
|
}
|
||||||
/** a Unix command to get a given user's groups list */
|
/** a Unix command to get a given user's groups list */
|
||||||
public static String[] getGROUPS_FOR_USER_COMMAND(final String user) {
|
public static String[] getGroupsForUserCommand(final String user) {
|
||||||
//'groups username' command return is non-consistent across different unixes
|
//'groups username' command return is non-consistent across different unixes
|
||||||
return new String [] {"bash", "-c", "id -Gn " + user};
|
return new String [] {"bash", "-c", "id -Gn " + user};
|
||||||
}
|
}
|
||||||
|
|
|
@ -165,7 +165,7 @@ public abstract class FileContextPermissionBase {
|
||||||
|
|
||||||
static List<String> getGroups() throws IOException {
|
static List<String> getGroups() throws IOException {
|
||||||
List<String> a = new ArrayList<String>();
|
List<String> a = new ArrayList<String>();
|
||||||
String s = Shell.execCommand(Shell.getGROUPS_COMMAND());
|
String s = Shell.execCommand(Shell.getGroupsCommand());
|
||||||
for(StringTokenizer t = new StringTokenizer(s); t.hasMoreTokens(); ) {
|
for(StringTokenizer t = new StringTokenizer(s); t.hasMoreTokens(); ) {
|
||||||
a.add(t.nextToken());
|
a.add(t.nextToken());
|
||||||
}
|
}
|
||||||
|
|
|
@ -144,7 +144,7 @@ public class TestLocalFileSystemPermission extends TestCase {
|
||||||
|
|
||||||
static List<String> getGroups() throws IOException {
|
static List<String> getGroups() throws IOException {
|
||||||
List<String> a = new ArrayList<String>();
|
List<String> a = new ArrayList<String>();
|
||||||
String s = Shell.execCommand(Shell.getGROUPS_COMMAND());
|
String s = Shell.execCommand(Shell.getGroupsCommand());
|
||||||
for(StringTokenizer t = new StringTokenizer(s); t.hasMoreTokens(); ) {
|
for(StringTokenizer t = new StringTokenizer(s); t.hasMoreTokens(); ) {
|
||||||
a.add(t.nextToken());
|
a.add(t.nextToken());
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue