[HDFS-7146] NFS ID/Group lookup requires SSSD enumeration on the server - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.6.0
Fix Version/s: 2.7.0
Component/s: nfs
Labels:
None

Hadoop Flags:

Reviewed

Description

The current implementation of the NFS UID and GID lookup works by running 'getent passwd' with an assumption that it will return the entire list of users available on the OS, local and remote (AD/etc.).

This behaviour of the command is advised to be and is prevented by administrators in most secure setups to avoid excessive load to the ADs involved, as the # of users to be listed may be too large, and the repeated requests of ALL users not present in the cache would be too much for the AD infrastructure to bear.

The NFS server should likely do lookups based on a specific UID request, via 'getent passwd <UID>', if the UID does not match a cached value. This reduces load on the LDAP backed infrastructure.

Thanks qwertymaniac for reporting the issue.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HDFS-7146.005.patch
15/Nov/14 00:30
20 kB
Yongjun Zhang
HDFS-7146.004.patch
10/Nov/14 17:40
18 kB
Yongjun Zhang
HDFS-7146.003.patch
06/Oct/14 18:21
17 kB
Yongjun Zhang
HDFS-7146.002.allIncremental.patch
03/Oct/14 04:49
18 kB
Yongjun Zhang
HDFS-7146.001.patch
29/Sep/14 22:51
15 kB
Yongjun Zhang

Issue Links

is related to

HADOOP-11195 Move Id-Name mapping in NFS to the hadoop-common area for better maintenance

Closed

Activity

People

Assignee:: Yongjun Zhang

Reporter:: Yongjun Zhang

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 25/Sep/14 18:49

Updated:: 24/Apr/15 23:22

Resolved:: 17/Nov/14 21:27