%!s(int64=12) %!d(string=hai) anos · e6dbad4f6f
--- a/hadoop-common-project/hadoop-common/CHANGES.txt
+++ b/hadoop-common-project/hadoop-common/CHANGES.txt
@@ -543,6 +543,9 @@ Release 2.0.3-alpha - Unreleased
 
				     HADOOP-9203. RPCCallBenchmark should find a random available port.
			
 
				     (Andrew Purtell via suresh)
			
 
				 
			
 
				+    HADOOP-9178. src/main/conf is missing hadoop-policy.xml.
			
 
				+    (Sandy Ryza via eli)
			
 
				+
			
 
				 Release 2.0.2-alpha - 2012-09-07 
			
 
				 
			
 
				   INCOMPATIBLE CHANGES
			
--- a/hadoop-common-project/hadoop-common/src/main/docs/src/documentation/content/xdocs/service_level_auth.xml
+++ b/hadoop-common-project/hadoop-common/src/main/docs/src/documentation/content/xdocs/service_level_auth.xml
@@ -116,22 +116,6 @@
 
				             <td>ACL for NamenodeProtocol, the protocol used by the secondary
			
 
				             namenode to communicate with the namenode.</td>
			
 
				           </tr>
			
 
				-          <tr>
			
 
				-            <td><code>security.inter.tracker.protocol.acl</code></td>
			
 
				-            <td>ACL for InterTrackerProtocol, used by the tasktrackers to 
			
 
				-            communicate with the jobtracker.</td>
			
 
				-          </tr>
			
 
				-          <tr>
			
 
				-            <td><code>security.job.submission.protocol.acl</code></td>
			
 
				-            <td>ACL for JobSubmissionProtocol, used by job clients to 
			
 
				-            communciate with the jobtracker for job submission, querying job status 
			
 
				-            etc.</td>
			
 
				-          </tr>
			
 
				-          <tr>
			
 
				-            <td><code>security.task.umbilical.protocol.acl</code></td>
			
 
				-            <td>ACL for TaskUmbilicalProtocol, used by the map and reduce 
			
 
				-            tasks to communicate with the parent tasktracker.</td>
			
 
				-          </tr>
			
 
				           <tr>
			
 
				             <td><code>security.refresh.policy.protocol.acl</code></td>
			
 
				             <td>ACL for RefreshAuthorizationPolicyProtocol, used by the 
			
--- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/CommonConfigurationKeys.java
+++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/CommonConfigurationKeys.java
@@ -21,6 +21,7 @@ package org.apache.hadoop.fs;
 
				 import org.apache.hadoop.classification.InterfaceAudience;
			
 
				 import org.apache.hadoop.classification.InterfaceStability;
			
 
				 import org.apache.hadoop.http.lib.StaticUserWebFilter;
			
 
				+import org.apache.hadoop.security.authorize.Service;
			
 
				 
			
 
				 /** 
			
 
				  * This class contains constants for configuration keys used
			
@@ -114,7 +115,18 @@ public class CommonConfigurationKeys extends CommonConfigurationKeysPublic {
 
				   SECURITY_HA_SERVICE_PROTOCOL_ACL = "security.ha.service.protocol.acl";
			
 
				   public static final String 
			
 
				   SECURITY_ZKFC_PROTOCOL_ACL = "security.zkfc.protocol.acl";
			
 
				-  
			
 
				+  public static final String
			
 
				+  SECURITY_CLIENT_PROTOCOL_ACL = "security.client.protocol.acl";
			
 
				+  public static final String SECURITY_CLIENT_DATANODE_PROTOCOL_ACL =
			
 
				+      "security.client.datanode.protocol.acl";
			
 
				+  public static final String
			
 
				+  SECURITY_DATANODE_PROTOCOL_ACL = "security.datanode.protocol.acl";
			
 
				+  public static final String
			
 
				+  SECURITY_INTER_DATANODE_PROTOCOL_ACL = "security.inter.datanode.protocol.acl";
			
 
				+  public static final String
			
 
				+  SECURITY_NAMENODE_PROTOCOL_ACL = "security.namenode.protocol.acl";
			
 
				+  public static final String SECURITY_QJOURNAL_SERVICE_PROTOCOL_ACL =
			
 
				+      "security.qjournal.service.protocol.acl";
			
 
				   public static final String HADOOP_SECURITY_TOKEN_SERVICE_USE_IP =
			
 
				       "hadoop.security.token.service.use_ip";
			
 
				   public static final boolean HADOOP_SECURITY_TOKEN_SERVICE_USE_IP_DEFAULT =
			
@@ -191,4 +203,4 @@ public class CommonConfigurationKeys extends CommonConfigurationKeysPublic {
 
				   public static final long HADOOP_SECURITY_UID_NAME_CACHE_TIMEOUT_DEFAULT =
			
 
				     4*60*60; // 4 hours
			
 
				 
			
 
				-}
			
 
				+}
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/HDFSPolicyProvider.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/HDFSPolicyProvider.java
@@ -40,14 +40,18 @@ import org.apache.hadoop.tools.GetUserMappingsProtocol;
 
				 public class HDFSPolicyProvider extends PolicyProvider {
			
 
				   private static final Service[] hdfsServices =
			
 
				     new Service[] {
			
 
				-    new Service("security.client.protocol.acl", ClientProtocol.class),
			
 
				-    new Service("security.client.datanode.protocol.acl", 
			
 
				-                ClientDatanodeProtocol.class),
			
 
				-    new Service("security.datanode.protocol.acl", DatanodeProtocol.class),
			
 
				-    new Service("security.inter.datanode.protocol.acl", 
			
 
				-                InterDatanodeProtocol.class),
			
 
				-    new Service("security.namenode.protocol.acl", NamenodeProtocol.class),
			
 
				-    new Service("security.qjournal.service.protocol.acl", QJournalProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_CLIENT_PROTOCOL_ACL,
			
 
				+        ClientProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_CLIENT_DATANODE_PROTOCOL_ACL,
			
 
				+        ClientDatanodeProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_DATANODE_PROTOCOL_ACL,
			
 
				+        DatanodeProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_INTER_DATANODE_PROTOCOL_ACL, 
			
 
				+        InterDatanodeProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_NAMENODE_PROTOCOL_ACL,
			
 
				+        NamenodeProtocol.class),
			
 
				+    new Service(CommonConfigurationKeys.SECURITY_QJOURNAL_SERVICE_PROTOCOL_ACL,
			
 
				+        QJournalProtocol.class),
			
 
				     new Service(CommonConfigurationKeys.SECURITY_HA_SERVICE_PROTOCOL_ACL,
			
 
				         HAServiceProtocol.class),
			
 
				     new Service(CommonConfigurationKeys.SECURITY_ZKFC_PROTOCOL_ACL,