hadoop-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Serge Blazhievsky <hadoop...@gmail.com>
Subject Re: JobTracker security
Date Wed, 27 Feb 2013 01:22:21 GMT
All right!

Thanks for advice!


Serge

On Tue, Feb 26, 2013 at 4:57 PM, Jean-Marc Spaggiari <
jean-marc@spaggiari.org> wrote:

> I mean the executable files. Or even the entire hadoop directory?
> People might still be able to install a local copy of hadoop and
> configure it to point to the same trackers, and then do the kill, but
> at least that will complicate the things a bit?
>
> If user1 and user2 are on different groups also, that might allow you
> to block some user2 actions against user1 processes? Also, you should
> take look to the "Security" chapter in "Hadoop: The Definitive Guide"
> and to the hadoop-policy.xml file (I never looked at this file, so
> maybe it's not at all related).
>
> 2013/2/26 Serge Blazhievsky <hadoop.ca@gmail.com>:
> > hi Jean,
> >
> > Do you mean input files for hadoop ? or hadoop directory?
> >
> > Serge
> >
> >
> > On Tue, Feb 26, 2013 at 4:38 PM, Jean-Marc Spaggiari
> > <jean-marc@spaggiari.org> wrote:
> >>
> >> Maybe restrict access to the hadoop file(s) to the user1?
> >>
> >> 2013/2/26 Serge Blazhievsky <hadoop.ca@gmail.com>:
> >> > I am trying to not to use kerberos...
> >> >
> >> > Is there other option?
> >> >
> >> > Thanks
> >> > Serge
> >> >
> >> >
> >> > On Tue, Feb 26, 2013 at 3:31 PM, Patai Sangbutsarakum
> >> > <Patai.Sangbutsarakum@turn.com> wrote:
> >> >>
> >> >> Kerberos
> >> >>
> >> >> From: Serge Blazhievsky <hadoop.ca@gmail.com>
> >> >> Reply-To: <user@hadoop.apache.org>
> >> >> Date: Tue, 26 Feb 2013 15:29:08 -0800
> >> >> To: <user@hadoop.apache.org>
> >> >> Subject: JobTracker security
> >> >>
> >> >> Hi all,
> >> >>
> >> >> Is there a way to restrict job monitoring and management only to jobs
> >> >> started by each individual user?
> >> >>
> >> >>
> >> >> The basic scenario is:
> >> >>
> >> >> 1. Start a job under user1
> >> >> 2. Login as user2
> >> >> 3. hadoop job -list to retrieve job id
> >> >> 4. hadoop job -kill job_id
> >> >> 5. Job gets terminated....
> >> >>
> >> >> Is there something that needs to be enabled to prevent that from
> >> >> happening?
> >> >>
> >> >> Thanks
> >> >> Serge
> >> >
> >> >
> >
> >
>

Mime
View raw message