hadoop-yarn-issues mailing list archives

From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-1943) Multitenant LinuxContainerExecutor is incompatible with Simple Security mode.
Date Tue, 15 Apr 2014 17:57:15 GMT

    [ https://issues.apache.org/jira/browse/YARN-1943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13969821#comment-13969821 ]

Alejandro Abdelnur commented on YARN-1943:

On the yarn-site.xml of the NMs:

    <description>The UNIX user that containers will run as when Linux-container-executor
    is used in nonsecure mode (a use case for this is using cgroups).</description>

> Multitenant LinuxContainerExecutor is incompatible with Simple Security mode.
> -----------------------------------------------------------------------------
>                 Key: YARN-1943
>                 URL: https://issues.apache.org/jira/browse/YARN-1943
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: nodemanager
>    Affects Versions: 2.3.0
>            Reporter: jay vyas
>            Priority: Critical
>              Labels: linux
>             Fix For: 2.3.0
> As of hadoop 2.3.0, commit cc74a18c makes it so that nonsecureLocalUser replaces the user who submits a job if security is disabled:
> {noformat}
>  return UserGroupInformation.isSecurityEnabled() ? user : nonsecureLocalUser;
> {noformat}
> However, the only way to enable security is to NOT use SIMPLE authentication mode:
> {noformat}
>   public static boolean isSecurityEnabled() {
>     return !isAuthenticationMethodEnabled(AuthenticationMethod.SIMPLE);
>   }
> {noformat}
> Thus, the framework ENFORCES that "SIMPLE" login security --> nonSecureuser for submission of LinuxExecutorContainer.
> This results in a confusing issue, wherein we submit a job as "sally" and then get an exception that user "nobody" is not whitelisted and has UID < MAX_ID.
> My proposed solution is that we should be able to leverage LinuxContainerExecutor regardless of hadoop's view of the security settings on the cluster, i.e. decouple LinuxContainerExecutor logic from the "isSecurityEnabled" return value.
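
An added illustration, not part of the original message and not Hadoop source: a small Java model of the run-as-user selection quoted in the issue, next to a decoupled variant, showing why a job submitted as "sally" fails with an error about "nobody". The account UIDs, the UID limit, the empty whitelist and the `mapToLocalUser` switch are assumptions made for this example.

```java
import java.util.Map;
import java.util.Set;

public class RunAsUserModel {
    // Constructed sample data: local accounts plus the two account checks the
    // issue's error message refers to (a UID limit and a whitelist). Assumed values.
    static final Map<String, Integer> UIDS = Map.of("sally", 1001, "nobody", 99);
    static final int UID_LIMIT = 1000;
    static final Set<String> WHITELIST = Set.of();

    // Selection as quoted in the issue: the submitter is kept only when
    // isSecurityEnabled() is true, i.e. when authentication is not SIMPLE.
    static String coupled(boolean securityEnabled, String submitter, String nonsecureLocalUser) {
        return securityEnabled ? submitter : nonsecureLocalUser;
    }

    // Decoupled variant: an executor-level switch (hypothetical parameter) decides,
    // independent of the cluster authentication mode.
    static String decoupled(boolean mapToLocalUser, String submitter, String nonsecureLocalUser) {
        return mapToLocalUser ? nonsecureLocalUser : submitter;
    }

    // Model of the launch-time account check applied to the chosen run-as user.
    static String launchCheck(String runAs) {
        Integer uid = UIDS.get(runAs);
        if (uid == null) {
            return "rejected: no local account for " + runAs;
        }
        if (uid < UID_LIMIT && !WHITELIST.contains(runAs)) {
            return "rejected: " + runAs + " (uid " + uid + ") is not whitelisted and is below the UID limit";
        }
        return "launched as " + runAs;
    }

    public static void main(String[] args) {
        String submitter = "sally";
        String localUser = "nobody";
        boolean securityEnabled = false; // SIMPLE authentication
        // The submitter is replaced before the account check, so the error names "nobody".
        System.out.println("coupled:   " + launchCheck(coupled(securityEnabled, submitter, localUser)));
        // With the mapping switched off, the check runs against the submitter's own account.
        System.out.println("decoupled: " + launchCheck(decoupled(false, submitter, localUser)));
    }
}
```

Under SIMPLE authentication the submitter name is asserted by the client, so in the decoupled path the account checks are the only control on which local user a container runs as.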
