Hadoop, mail # user - Re: datanode security (v 1.0.3)

datanode security (v 1.0.3)

Tony Dean 2012-06-04, 01:01

Why is there no documentation on how to run a datanode in secure mode? Or have I just missed it.

I've searched and found bits and pieces, but shouldn't this information be in the security documentation?

Well, my current state is this:

1. I understand that the datanode must use ports < 1k so it must run the threads doing this work as root.
2. I set an environment variable: HADOOP_SECURE_DN_USER so that the datanode can swith to this user for normal work.
3. This keeps me from getting the "Cannot start secure cluster without privileged resources" message.
4. But, now I'm getting

03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line arguments

Does anyone know how to get this to work? I'm new to Hadoop/HBase, but the security documentation or lack thereof is a big turnoff thus far.

I really appreciate any guidance here.

Thanks!
Tony Dean
SAS Institute Inc.
Senior Software Developer
919-531-6704

RE: datanode security (v 1.0.3)

Tony Dean 2012-06-04, 01:17

sending again due to smtp failure.

_____________________________________________
From: Tony Dean
Sent: Sunday, June 03, 2012 9:02 PM
To: '[EMAIL PROTECTED]'
Subject: datanode security (v 1.0.3)
Why is there no documentation on how to run a datanode in secure mode? Or have I just missed it.

I've searched and found bits and pieces, but shouldn't this information be in the security documentation?

Well, my current state is this:

1. I understand that the datanode must use ports < 1k so it must run the threads doing this work as root.
2. I set an environment variable: HADOOP_SECURE_DN_USER so that the datanode can swith to this user for normal work.
3. This keeps me from getting the "Cannot start secure cluster without privileged resources" message.
4. But, now I'm getting

03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line arguments

Does anyone know how to get this to work? I'm new to Hadoop/HBase, but the security documentation or lack thereof is a big turnoff thus far.

I really appreciate any guidance here.

Thanks!
Tony Dean
SAS Institute Inc.
Senior Software Developer
919-531-6704

<< OLE Object: Picture (Device Independent Bitmap) >>

Re: datanode security (v 1.0.3)

Sheeba George 2012-06-04, 05:28

Hi Tony ,

Please take a look at https://issues.apache.org/jira/browse/HDFS-3402
The attached patch fixes the same problem.

Sheeba

On Sun, Jun 3, 2012 at 6:01 PM, Tony Dean <[EMAIL PROTECTED]> wrote:

> Why is there no documentation on how to run a datanode in secure mode?
> Or have I just missed it.
>
> I’ve searched and found bits and pieces, but shouldn’t this information be
> in the security documentation?
>
> Well, my current state is this:
>
>
> 1. I understand that the datanode must use ports < 1k so it must run
> the threads doing this work as root.
> 2. I set an environment variable: HADOOP_SECURE_DN_USER so that the
> datanode can swith to this user for normal work.
> 3. This keeps me from getting the “Cannot start secure cluster without
> privileged resources” message.
> 4. But, now I’m getting
>
>
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line
> arguments
>
> Does anyone know how to get this to work? I’m new to Hadoop/HBase, but
> the security documentation or lack thereof is a big turnoff thus far.
>
> I really appreciate any guidance here.
>
> Thanks!
>
>
> *Tony Dean*
> *SAS Institute Inc.*
> *Senior Software Developer*
> *919-531-6704*
>
>
>
>
>

--
Sheeba Ann George

RE: datanode security (v 1.0.3)

sathyavageeswaran 2012-06-04, 11:14

Can someone guide me on how plug leakage of excess water flow from Pureit on
complete consumption of Chlorine

-----Original Message-----
From: Sheeba George [mailto:[EMAIL PROTECTED]]
Sent: 04 June 2012 10:59
To: [EMAIL PROTECTED]
Subject: Re: datanode security (v 1.0.3)

Hi Tony ,

Please take a look at https://issues.apache.org/jira/browse/HDFS-3402
The attached patch fixes the same problem.

Sheeba

On Sun, Jun 3, 2012 at 6:01 PM, Tony Dean <[EMAIL PROTECTED]> wrote:

> Why is there no documentation on how to run a datanode in secure mode?
> Or have I just missed it.
>
> I've searched and found bits and pieces, but shouldn't this
> information be in the security documentation?
>
> Well, my current state is this:
>
>
> 1. I understand that the datanode must use ports < 1k so it must run
> the threads doing this work as root.
> 2. I set an environment variable: HADOOP_SECURE_DN_USER so that the
> datanode can swith to this user for normal work.
> 3. This keeps me from getting the "Cannot start secure cluster without
> privileged resources" message.
> 4. But, now I'm getting
>
>
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line
> arguments
>
> Does anyone know how to get this to work? I'm new to Hadoop/HBase,
> but the security documentation or lack thereof is a big turnoff thus far.
>
> I really appreciate any guidance here.
>
> Thanks!
>
>
> *Tony Dean*
> *SAS Institute Inc.*
> *Senior Software Developer*
> *919-531-6704*
>
>
>
>
>

--
Sheeba Ann George

-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.1913 / Virus Database: 2425/5043 - Release Date: 06/03/12

RE: datanode security (v 1.0.3)

Tony Dean 2012-06-04, 13:26

Thank you. That did the trick.

-----Original Message-----
From: Sheeba George [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 04, 2012 1:29 AM
To: [EMAIL PROTECTED]
Subject: Re: datanode security (v 1.0.3)

Hi Tony ,

Please take a look at https://issues.apache.org/jira/browse/HDFS-3402
The attached patch fixes the same problem.

Sheeba

On Sun, Jun 3, 2012 at 6:01 PM, Tony Dean <[EMAIL PROTECTED]> wrote:

> Why is there no documentation on how to run a datanode in secure mode?
> Or have I just missed it.
>
> I've searched and found bits and pieces, but shouldn't this
> information be in the security documentation?
>
> Well, my current state is this:
>
>
> 1. I understand that the datanode must use ports < 1k so it must run
> the threads doing this work as root.
> 2. I set an environment variable: HADOOP_SECURE_DN_USER so that the
> datanode can swith to this user for normal work.
> 3. This keeps me from getting the "Cannot start secure cluster without
> privileged resources" message.
> 4. But, now I'm getting
>
>
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
> 03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line
> arguments
>
> Does anyone know how to get this to work? I'm new to Hadoop/HBase,
> but the security documentation or lack thereof is a big turnoff thus far.
>
> I really appreciate any guidance here.
>
> Thanks!
>
>
> *Tony Dean*
> *SAS Institute Inc.*
> *Senior Software Developer*
> *919-531-6704*
>
>
>
>
>

--
Sheeba Ann George

Re: datanode security (v 1.0.3)

Rajiv Chittajallu 2012-06-06, 11:58

check HADOOP_DATANODE_OPTS in hadoop-env.sh . It should have something like

HADOOP_DATANODE_OPTS="-Xmx1024m -Dsecurity.audit.logger=ERROR,DRFAS "

>________________________________
> From: Tony Dean <[EMAIL PROTECTED]>
>To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
>Sent: Sunday, June 3, 2012 6:01 PM
>Subject: datanode security (v 1.0.3)
>
>
>
>Why is there no documentation on how to run a datanode in secure mode? Or have I just missed it.
>
>I’ve searched and found bits and pieces, but shouldn’t this information be in the security documentation?
>
>Well, my current state is this:
>
>    1. I understand that the datanode must use ports < 1k so it must run the threads doing this work as root.
>    2. I set an environment variable: HADOOP_SECURE_DN_USER so that the datanode can swith to this user for normal work.
>    3. This keeps me from getting the “Cannot start secure cluster without privileged resources” message.
>    4. But, now I’m getting
>
>03/06/2012 18:20:08 3809 jsvc.amd64 error: Invalid option -server
>03/06/2012 18:20:08 3809 jsvc.amd64 error: Cannot parse command line arguments
>
>Does anyone know how to get this to work? I’m new to Hadoop/HBase, but the security documentation or lack thereof is a big turnoff thus far.
>
>I really appreciate any guidance here.
>��
>Thanks!
>
>
>Tony Dean
>SAS Institute Inc.
>Senior Software Developer
>919-531-6704
>
>
>
>
>
>