ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jaimin D Jetly (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-6093) Ambari secure cluster configures all users as yarn admins
Date Wed, 11 Jun 2014 23:05:02 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-6093?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jaimin D Jetly updated AMBARI-6093:
-----------------------------------

    Description: 
Ambari's configuration for a secure cluster has yarn-site.xml with:

{code}
  <property>
    <name>yarn.admin.acl</name>
    <value>*</value>
  </property>
{code}

which enables all users as yarn admins. It should set an empty list:

{code}
  <property>
    <name>yarn.admin.acl</name>
    <value></value>
  </property>
{code}


yarn.admin.acl should be set to an empty list for both secure and non-secure clusters. yarn.acl.enable
should be set true/false depending on whether security is turned on.

  was:yarn.admin.acl should be set to an empty list for both secure and non-secure clusters.
yarn.acl.enable should be set true/false depending on whether security is turned on.


> Ambari secure cluster configures all users as yarn admins
> ---------------------------------------------------------
>
>                 Key: AMBARI-6093
>                 URL: https://issues.apache.org/jira/browse/AMBARI-6093
>             Project: Ambari
>          Issue Type: Bug
>          Components: client, site
>    Affects Versions: 1.4.1
>            Reporter: Jaimin D Jetly
>            Assignee: Jaimin D Jetly
>             Fix For: 1.6.1
>
>         Attachments: AMBARI-6093.patch
>
>
> Ambari's configuration for a secure cluster has yarn-site.xml with:
> {code}
>   <property>
>     <name>yarn.admin.acl</name>
>     <value>*</value>
>   </property>
> {code}
> which enables all users as yarn admins. It should set an empty list:
> {code}
>   <property>
>     <name>yarn.admin.acl</name>
>     <value></value>
>   </property>
> {code}
> yarn.admin.acl should be set to an empty list for both secure and non-secure clusters.
yarn.acl.enable should be set true/false depending on whether security is turned on.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message