hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Siddharth Seth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (MAPREDUCE-5199) AppTokens file can/should be removed
Date Mon, 20 May 2013 21:09:17 GMT

    [ https://issues.apache.org/jira/browse/MAPREDUCE-5199?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13662360#comment-13662360

Siddharth Seth commented on MAPREDUCE-5199:

bq. The issue stems from conf.getCredentials().addAll(credentials).
These tokens aren't used to create the LaunchContext for the child. I still don't see how
the App Token is leaking into the appTokens file.

The changes in the patch are required irrespective of this issue. It'd be very useful to understand
what is causing the appToken clobber though.

Couple of comments on the patch itself.
- Should downloadTokensAndSetupUGI be called as part of intAndStartAppMaster itself, so that
jobConf credentials population can be before the init.
- Rename downloadTokensAndSetupUGI to something like setupJobTokensAndUGI ?

> AppTokens file can/should be removed
> ------------------------------------
>                 Key: MAPREDUCE-5199
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-5199
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 3.0.0, 2.0.5-beta
>            Reporter: Vinod Kumar Vavilapalli
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: MAPREDUCE-5199.patch
> All the required tokens are propagated to AMs and containers via startContainer(), no
need for explicitly creating the app-token file that we have today..

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message