HADOOP-8460. Document proper setting of HADOOP_PID_DIR and HADOOP_SECURE_DN_PID_DIR (bobby)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1@1345308 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -13,6 +13,9 @@ Release 1.2.0 - unreleased
     HADOOP-8445. Token should not print the password in toString
     (Ravi Prakash via tgraves)
 
+    HADOOP-8460. Document proper setting of HADOOP_PID_DIR and
+    HADOOP_SECURE_DN_PID_DIR (bobby)
+
 Release 1.1.0 - unreleased
 
   INCOMPATIBLE CHANGES

conf/hadoop-env.sh.template

@@ -45,6 +45,9 @@ export HADOOP_JOBTRACKER_OPTS="-Dcom.sun.management.jmxremote $HADOOP_JOBTRACKER
 # export HADOOP_SLAVE_SLEEP=0.1
 
 # The directory where pid files are stored. /tmp by default.
+# NOTE: this should be set to a directory that can only be written to by 
+#       the users that are going to run the hadoop daemons.  Otherwise there is
+#       the potential for a symlink attack.
 # export HADOOP_PID_DIR=/var/hadoop/pids
 
 # A string representing this instance of hadoop. $USER by default.

src/docs/src/documentation/content/xdocs/cluster_setup.xml

@@ -122,6 +122,11 @@
           <p>At the very least you should specify the
           <code>JAVA_HOME</code> so that it is correctly defined on each
           remote node.</p>
+
+          <p>In most cases you should also specify <code>HADOOP_PID_DIR</code>
+          to point a directory that can only be written to by the users that
+          are going to run the hadoop daemons.  Otherwise there is the
+          potential for a symlink attack.</p>
           
           <p>Administrators can configure individual daemons using the
           configuration options <code>HADOOP_*_OPTS</code>. Various options