Package org.apache.hadoop.hbase.test

Class IntegrationTestZKAndFSPermissions

java.lang.Object
org.apache.hadoop.hbase.util.AbstractHBaseTool
org.apache.hadoop.hbase.test.IntegrationTestZKAndFSPermissions
All Implemented Interfaces:
org.apache.hadoop.conf.Configurable, org.apache.hadoop.util.Tool
public class IntegrationTestZKAndFSPermissions extends org.apache.hadoop.hbase.util.AbstractHBaseTool
An integration test which checks that the znodes in zookeeper and data in the FileSystem are protected for secure HBase deployments. This test is intended to be run on clusters with kerberos authorization for HBase and ZooKeeper. If hbase.security.authentication is not set to kerberos, the test does not run unless -f is specified which bypasses the check. It is recommended to always run with -f on secure clusters so that the test checks the actual end result, not the configuration. The test should be run as hbase user with kinit / TGT cached since it accesses HDFS.

Example usage: hbase org.apache.hadoop.hbase.test.IntegrationTestZnodeACLs -h

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.apache.hadoop.hbase.util.AbstractHBaseTool

    org.apache.hadoop.hbase.util.AbstractHBaseTool.OptionsOrderComparator

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    FORCE_CHECK_ARG
     
    static final String
    FS_PERMS
     
    private String
    fsPerms
     
    private boolean
    isForce
     
    private static final org.slf4j.Logger
    LOG
     
    private String
    masterPrincipal
     
    static final String
    PRINCIPAL_ARG
     
    static final String
    SKIP_CHECK_FS
     
    static final String
    SKIP_CHECK_ZK
     
    private boolean
    skipFSCheck
     
    private boolean
    skipZKCheck
     
    private String
    superUser
     
    static final String
    SUPERUSER_ARG
     

    Fields inherited from class org.apache.hadoop.hbase.util.AbstractHBaseTool

    cmdLineArgs, conf, EXIT_FAILURE, EXIT_SUCCESS, LONG_HELP_OPTION, options, SHORT_HELP_OPTION

  • Constructor Summary

    Constructors
    Constructor
    Description
    IntegrationTestZKAndFSPermissions()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    addOptions()
     
    private void
    assertZnodePerms(org.apache.hadoop.hbase.zookeeper.RecoverableZooKeeper zk, String znode, boolean expectedWorldReadable)
     
    private void
    checkZnodePermsRecursive(org.apache.hadoop.hbase.zookeeper.ZKWatcher watcher, org.apache.hadoop.hbase.zookeeper.RecoverableZooKeeper zk, String znode)
     
    protected int
    doWork()
     
    private String
    getShortUserName(String principal)
     
    static void
    main(String[] args)
     
    protected void
    processOptions(org.apache.hbase.thirdparty.org.apache.commons.cli.CommandLine cmd)
     
    void
    setConf(org.apache.hadoop.conf.Configuration conf)
     
    private void
    testFSPerms()
     
    private void
    testZNodeACLs()
     

    Methods inherited from class org.apache.hadoop.hbase.util.AbstractHBaseTool

    addOption, addOptNoArg, addOptNoArg, addOptWithArg, addOptWithArg, addRequiredOption, addRequiredOptWithArg, addRequiredOptWithArg, doStaticMain, getConf, getOptionAsDouble, getOptionAsInt, getOptionAsInt, getOptionAsLong, getOptionAsLong, newParser, parseArgs, parseInt, parseLong, printUsage, printUsage, processOldArgs, run

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait