Package org.apache.hadoop.security

Class ShellBasedUnixGroupsNetgroupMapping

java.lang.Object

org.apache.hadoop.conf.Configured

org.apache.hadoop.security.ShellBasedUnixGroupsMapping

org.apache.hadoop.security.ShellBasedUnixGroupsNetgroupMapping

All Implemented Interfaces:

Configurable, GroupMappingServiceProvider

@LimitedPrivate({"HDFS","MapReduce"})
@Evolving
public class ShellBasedUnixGroupsNetgroupMapping
extends ShellBasedUnixGroupsMapping

A simple shell-based implementation of GroupMappingServiceProvider that exec's the groups shell command to fetch the group memberships of a given user.

Field Summary

Fields inherited from interface org.apache.hadoop.security.GroupMappingServiceProvider

GROUP_MAPPING_CONFIG_PREFIX

Constructor Summary

Constructors

Constructor	Description
ShellBasedUnixGroupsNetgroupMapping()

Method Summary

Modifier and Type	Method	Description
void	cacheGroupsAdd(List<String> groups)	Add a group to cache, only netgroups are cached
void	cacheGroupsRefresh()	Refresh the netgroup cache
protected String	execShellGetUserForNetgroup(String netgroup)	Calls shell to get users for a netgroup by calling getent netgroup, this is a low level function that just returns string that
List<String>	getGroups(String user)	Get unix groups (parent) and netgroups for given user
protected List<String>	getUsersForNetgroup(String netgroup)	Gets users for a netgroup

Methods inherited from class org.apache.hadoop.security.ShellBasedUnixGroupsMapping

createGroupExecutor, createGroupIDExecutor, getGroupsForUserCommand, getGroupsIDForUserCommand, getGroupsSet, resolveFullGroupNames, setConf

Methods inherited from class org.apache.hadoop.conf.Configured

getConf

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ShellBasedUnixGroupsNetgroupMapping

public ShellBasedUnixGroupsNetgroupMapping()

Method Details

getGroups

public List<String> getGroups(String user)
                       throws IOException

Get unix groups (parent) and netgroups for given user

Specified by:

getGroups in interface GroupMappingServiceProvider

Overrides:

getGroups in class ShellBasedUnixGroupsMapping

Parameters:

user - get groups and netgroups for this user

Returns:

groups and netgroups for user

Throws:

IOException - raised on errors performing I/O.

cacheGroupsRefresh

public void cacheGroupsRefresh()
                        throws IOException

Refresh the netgroup cache

Specified by:

cacheGroupsRefresh in interface GroupMappingServiceProvider

Overrides:

cacheGroupsRefresh in class ShellBasedUnixGroupsMapping

Throws:

IOException - raised on errors performing I/O.

cacheGroupsAdd

public void cacheGroupsAdd(List<String> groups)
                    throws IOException

Add a group to cache, only netgroups are cached

Specified by:

cacheGroupsAdd in interface GroupMappingServiceProvider

Overrides:

cacheGroupsAdd in class ShellBasedUnixGroupsMapping

Parameters:

groups - list of group names to add to cache

Throws:

IOException - raised on errors performing I/O.

getUsersForNetgroup

protected List<String> getUsersForNetgroup(String netgroup)
                                    throws IOException

Gets users for a netgroup

Parameters:

netgroup - return users for this netgroup

Returns:

list of users for a given netgroup

Throws:

IOException - raised on errors performing I/O.

execShellGetUserForNetgroup

protected String execShellGetUserForNetgroup(String netgroup)
                                      throws IOException

Calls shell to get users for a netgroup by calling getent netgroup, this is a low level function that just returns string that

Parameters:

netgroup - get users for this netgroup

Returns:

string of users for a given netgroup in getent netgroups format

Throws:

IOException - raised on errors performing I/O.