From 1c48e50ce71fd0e38740d69ce1e03119dca97a38 Mon Sep 17 00:00:00 2001 From: Akira Ajisaka Date: Mon, 15 Feb 2016 11:38:25 +0900 Subject: [PATCH] HADOOP-12786. "hadoop key" command usage is not documented. Contributed by Xiao Chen. --- hadoop-common-project/hadoop-common/CHANGES.txt | 3 +++ .../org/apache/hadoop/crypto/key/KeyShell.java | 2 +- .../src/site/markdown/CommandsManual.md | 14 +++++++++++++- 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/hadoop-common-project/hadoop-common/CHANGES.txt b/hadoop-common-project/hadoop-common/CHANGES.txt index a05fd4be19..0d07e36f2c 100644 --- a/hadoop-common-project/hadoop-common/CHANGES.txt +++ b/hadoop-common-project/hadoop-common/CHANGES.txt @@ -1809,6 +1809,9 @@ Release 2.7.2 - 2016-01-25 HADOOP-12415. Fixed pom files to correctly include compile-time dependency on netty. (Tom Zeng via cos) + HADOOP-12786. "hadoop key" command usage is not documented. + (Xiao Chen via aajisaka) + Release 2.7.1 - 2015-07-06 INCOMPATIBLE CHANGES diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java index 4c72d06d06..c69dc82a60 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyShell.java @@ -372,7 +372,7 @@ private class DeleteCommand extends Command { public static final String DESC = "The delete subcommand deletes all versions of the key\n" + "specified by the argument from within the\n" + - "provider specified -provider. The command asks for\n" + + "provider specified by -provider. The command asks for\n" + "user confirmation unless -f is specified."; String keyName = null; diff --git a/hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md b/hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md index d7f065730c..58fcbe9a2a 100644 --- a/hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md +++ b/hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md @@ -188,7 +188,19 @@ Example: `hadoop kerbname user@EXAMPLE.COM` ### `key` -Manage keys via the KeyProvider. +Usage: `hadoop key [options]` + +| COMMAND\_OPTION | Description | +|:---- |:---- | +| create *keyname* [-cipher *cipher*] [-size *size*] [-description *description*] [-attr *attribute=value*] [-provider *provider*] [-help] | Creates a new key for the name specified by the *keyname* argument within the provider specified by the `-provider` argument. You may specify a cipher with the `-cipher` argument. The default cipher is currently "AES/CTR/NoPadding". The default keysize is 128. You may specify the requested key length using the `-size` argument. Arbitrary attribute=value style attributes may be specified using the `-attr` argument. `-attr` may be specified multiple times, once per attribute. | +| roll *keyname* [-provider *provider*] [-help] | Creates a new version for the specified key within the provider indicated using the `-provider` argument | +| delete *keyname* [-provider *provider*] [-f] [-help] | Deletes all versions of the key specified by the *keyname* argument from within the provider specified by `-provider`. The command asks for user confirmation unless `-f` is specified. | +| list [-provider *provider*] [-metadata] [-help] | Displays the keynames contained within a particular provider as configured in core-site.xml or specified with the `-provider` argument. `-metadata` displays the metadata. | +| -help | Prints usage of this command | + +Manage keys via the KeyProvider. For details on KeyProviders, see the [Transparent Encryption Guide](../hadoop-hdfs/TransparentEncryption.html). + +NOTE: Some KeyProviders (e.g. org.apache.hadoop.crypto.key.JavaKeyStoreProvider) does not support uppercase key names. ### `trace`