git commit: ACCUMULO-1591 Master and Logger will fail out if secrets mismatch (tserver already does)

Wed, 29 Jan 2014 15:51:42 -0800 

Updated Branches:
  refs/heads/1.4.5-SNAPSHOT cabe14a15 -> d362d16ac


ACCUMULO-1591 Master and Logger will fail out if secrets mismatch (tserver 
already does)


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/d362d16a
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/d362d16a
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/d362d16a

Branch: refs/heads/1.4.5-SNAPSHOT
Commit: d362d16ac5ce6c7f088d02fe587d82bdedaac98d
Parents: cabe14a
Author: John Vines <vi...@apache.org>
Authored: Wed Jan 29 18:49:14 2014 -0500
Committer: John Vines <vi...@apache.org>
Committed: Wed Jan 29 18:49:14 2014 -0500

----------------------------------------------------------------------
 .../apache/accumulo/server/logger/LogService.java |  4 ++++
 .../org/apache/accumulo/server/master/Master.java |  4 ++++
 .../server/zookeeper/ZooReaderWriter.java         | 18 ++++++++++++++++++
 3 files changed, 26 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/d362d16a/src/server/src/main/java/org/apache/accumulo/server/logger/LogService.java
----------------------------------------------------------------------
diff --git 
a/src/server/src/main/java/org/apache/accumulo/server/logger/LogService.java 
b/src/server/src/main/java/org/apache/accumulo/server/logger/LogService.java
index 6fabd95..c89764c 100644
--- a/src/server/src/main/java/org/apache/accumulo/server/logger/LogService.java
+++ b/src/server/src/main/java/org/apache/accumulo/server/logger/LogService.java
@@ -138,6 +138,10 @@ public class LogService implements MutationLogger.Iface, 
Watcher {
   }
 
   public LogService(String[] args) throws UnknownHostException, 
KeeperException, InterruptedException, IOException {
+    // Before we try anything, check to see if we can read users/root out of 
Zookeeper, as it should be guaranteed to exist and ACLed
+    // This is to ensure we have the right secret before we can muck around 
with anything
+    ZooReaderWriter.validateSecret();
+    
     try {
       Accumulo.init("logger");
     } catch (UnknownHostException e1) {

http://git-wip-us.apache.org/repos/asf/accumulo/blob/d362d16a/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
----------------------------------------------------------------------
diff --git 
a/src/server/src/main/java/org/apache/accumulo/server/master/Master.java 
b/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
index c8f31fe..f969f1b 100644
--- a/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
+++ b/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
@@ -2143,6 +2143,10 @@ public class Master implements LiveTServerSet.Listener, 
LoggerWatcher, TableObse
   }
   
   private void getMasterLock(final String zMasterLoc) throws KeeperException, 
InterruptedException {
+    // Before we try anything, check to see if we can read users/root out of 
Zookeeper, as it should be guaranteed to exist and ACLed
+    // This is to ensure we have the right secret before we can muck around 
with anything
+    ZooReaderWriter.validateSecret();
+    
     log.info("trying to get master lock");
     LockWatcher masterLockWatcher = new ZooLock.LockWatcher() {
       public void lostLock(LockLossReason reason) {

http://git-wip-us.apache.org/repos/asf/accumulo/blob/d362d16a/src/server/src/main/java/org/apache/accumulo/server/zookeeper/ZooReaderWriter.java
----------------------------------------------------------------------
diff --git 
a/src/server/src/main/java/org/apache/accumulo/server/zookeeper/ZooReaderWriter.java
 
b/src/server/src/main/java/org/apache/accumulo/server/zookeeper/ZooReaderWriter.java
index acd87ca..dbaa80b 100644
--- 
a/src/server/src/main/java/org/apache/accumulo/server/zookeeper/ZooReaderWriter.java
+++ 
b/src/server/src/main/java/org/apache/accumulo/server/zookeeper/ZooReaderWriter.java
@@ -23,6 +23,7 @@ import java.lang.reflect.Proxy;
 import java.security.SecurityPermission;
 import java.util.List;
 
+import org.apache.accumulo.core.Constants;
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.conf.Property;
 import org.apache.accumulo.core.util.UtilWaitThread;
@@ -209,4 +210,21 @@ public class ZooReaderWriter extends ZooReader implements 
IZooReaderWriter {
     putPersistentData(path, new byte[] {}, NodeExistsPolicy.SKIP);
   }
   
+  public static void validateSecret() {
+    // Before we try anything, check to see if we can read users/root out of 
Zookeeper, as it should be guaranteed to exist and ACLed
+    // This is to ensure we have the right secret before we can muck around 
with anything
+    try {
+      
ZooReaderWriter.getInstance().getStatus(Constants.ZROOT+Constants.ZUSERS+Constants.ZROOT+"/root");
+    } catch (KeeperException ke) {
+      switch (ke.code()) {
+        case NOAUTH:
+        case AUTHFAILED:
+          throw new RuntimeException("Could not read ACLed zookeeper data. 
Please make sure instance secret is correct.", ke);
+        default:
+          throw new RuntimeException("Had issues reading data from 
zookeeper.", ke);
+      } 
+    } catch (InterruptedException ie) {
+      throw new RuntimeException("Interrupted from zookeeper, exitting.", ie);
+    }
+  }
 }

Reply via email to