Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HDFS-16868. Fix audit log duplicate issue when an ACE occurs in FSNamesystem. (#5206). Contributed by Beibei Zhao. 

Signed-off-by: Chris Nauroth <cnauroth@apache.org>
Signed-off-by: He Xiaoqiao <hexiaoqiao@apache.org>
This commit is contained in:
curie71 2022-12-13 12:24:51 +08:00 committed by GitHub
parent a71aaef9a9
commit fdcbc8b072
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
View File

@ -3621,10 +3621,10 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
final String operationName = getQuotaCommand(nsQuota, ssQuota); final String operationName = getQuotaCommand(nsQuota, ssQuota);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(operationName); FSPermissionChecker.setOperationType(operationName);
if(!allowOwnerSetQuota) {
checkSuperuserPrivilege(operationName, src);
}
try { try {
if(!allowOwnerSetQuota) {
checkSuperuserPrivilege(operationName, src);
}
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -7761,8 +7761,8 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
String poolInfoStr = null; String poolInfoStr = null;
String poolName = req == null ? null : req.getPoolName(); String poolName = req == null ? null : req.getPoolName();
checkSuperuserPrivilege(operationName, poolName);
try { try {
checkSuperuserPrivilege(operationName, poolName);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -7788,8 +7788,8 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
String poolNameStr = "{poolName: " + String poolNameStr = "{poolName: " +
(req == null ? null : req.getPoolName()) + "}"; (req == null ? null : req.getPoolName()) + "}";
checkSuperuserPrivilege(operationName, poolNameStr);
try { try {
checkSuperuserPrivilege(operationName, poolNameStr);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -7815,8 +7815,8 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
final String operationName = "removeCachePool"; final String operationName = "removeCachePool";
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
String poolNameStr = "{poolName: " + cachePoolName + "}"; String poolNameStr = "{poolName: " + cachePoolName + "}";
checkSuperuserPrivilege(operationName, poolNameStr);
try { try {
checkSuperuserPrivilege(operationName, poolNameStr);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -8017,11 +8017,11 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
SafeModeException, AccessControlException { SafeModeException, AccessControlException {
final String operationName = "createEncryptionZone"; final String operationName = "createEncryptionZone";
FileStatus resultingStat = null; FileStatus resultingStat = null;
checkSuperuserPrivilege(operationName, src);
try { try {
Metadata metadata = FSDirEncryptionZoneOp.ensureKeyIsInitialized(dir, Metadata metadata = FSDirEncryptionZoneOp.ensureKeyIsInitialized(dir,
keyName, src); keyName, src);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
checkSuperuserPrivilege(operationName, src);
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
writeLock(); writeLock();
try { try {
@ -8100,11 +8100,11 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
final boolean logRetryCache) throws IOException { final boolean logRetryCache) throws IOException {
final String operationName = "reencryptEncryptionZone"; final String operationName = "reencryptEncryptionZone";
boolean success = false; boolean success = false;
checkSuperuserPrivilege(operationName, zone);
try { try {
Preconditions.checkNotNull(zone, "zone is null."); Preconditions.checkNotNull(zone, "zone is null.");
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = dir.getPermissionChecker(); final FSPermissionChecker pc = dir.getPermissionChecker();
checkSuperuserPrivilege(operationName, zone);
checkNameNodeSafeMode("NameNode in safemode, cannot " + action checkNameNodeSafeMode("NameNode in safemode, cannot " + action
+ " re-encryption on zone " + zone); + " re-encryption on zone " + zone);
reencryptEncryptionZoneInt(pc, zone, action, logRetryCache); reencryptEncryptionZoneInt(pc, zone, action, logRetryCache);