HDFS-11048. Audit Log should escape control characters. Contributed by Eric Badger
This commit is contained in:
parent
1eae719bce
commit
8a9388e5f6
@ -17,6 +17,7 @@
|
|||||||
*/
|
*/
|
||||||
package org.apache.hadoop.hdfs.server.namenode;
|
package org.apache.hadoop.hdfs.server.namenode;
|
||||||
|
|
||||||
|
import static org.apache.commons.lang.StringEscapeUtils.escapeJava;
|
||||||
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT;
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT;
|
||||||
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY;
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY;
|
||||||
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
|
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
|
||||||
@ -6877,6 +6878,8 @@ public void logAuditEvent(boolean succeeded, String userName,
|
|||||||
if (auditLog.isDebugEnabled() ||
|
if (auditLog.isDebugEnabled() ||
|
||||||
(auditLog.isInfoEnabled() && !debugCmdSet.contains(cmd))) {
|
(auditLog.isInfoEnabled() && !debugCmdSet.contains(cmd))) {
|
||||||
final StringBuilder sb = STRING_BUILDER.get();
|
final StringBuilder sb = STRING_BUILDER.get();
|
||||||
|
src = escapeJava(src);
|
||||||
|
dst = escapeJava(dst);
|
||||||
sb.setLength(0);
|
sb.setLength(0);
|
||||||
sb.append("allowed=").append(succeeded).append("\t");
|
sb.append("allowed=").append(succeeded).append("\t");
|
||||||
sb.append("ugi=").append(userName).append("\t");
|
sb.append("ugi=").append(userName).append("\t");
|
||||||
|
@ -270,6 +270,15 @@ public void testAuditWebHdfsOpen() throws Exception {
|
|||||||
verifyAuditLogsCheckPattern(true, 3, webOpenPattern);
|
verifyAuditLogsCheckPattern(true, 3, webOpenPattern);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** make sure that "\r\n" isn't made into a newline in audit log */
|
||||||
|
@Test
|
||||||
|
public void testAuditCharacterEscape() throws Exception {
|
||||||
|
final Path file = new Path("foo" + "\r\n" + "bar");
|
||||||
|
setupAuditLogs();
|
||||||
|
fs.create(file);
|
||||||
|
verifyAuditLogsRepeat(true, 1);
|
||||||
|
}
|
||||||
|
|
||||||
/** Sets up log4j logger for auditlogs */
|
/** Sets up log4j logger for auditlogs */
|
||||||
private void setupAuditLogs() throws IOException {
|
private void setupAuditLogs() throws IOException {
|
||||||
Logger logger = ((Log4JLogger) FSNamesystem.auditLog).getLogger();
|
Logger logger = ((Log4JLogger) FSNamesystem.auditLog).getLogger();
|
||||||
|
Loading…
Reference in New Issue
Block a user