[ https://issues.apache.org/jira/browse/YARN-2102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14114285#comment-14114285
]
Hitesh Shah commented on YARN-2102:
-----------------------------------
Comments:
- AccessControlList is limited private and not available to other users outside of HDFS
and MapReduce
- Is there a reason for not supporting separate list of users and groups?
- How is a user of this API expected to append a user to a list? Does the user need to
do a get and then set? Obviously, if 2 users try to this in parallel, it will not work correctly
due to the inherent non-atomic nature of the webservice.
- putNamespace or createNamespace? Or is put meant to denote upsert behavior? How is a
user meant to update the namespace with additional readers/writers?
> More generalized timeline ACLs
> ------------------------------
>
> Key: YARN-2102
> URL: https://issues.apache.org/jira/browse/YARN-2102
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Zhijie Shen
> Assignee: Zhijie Shen
> Attachments: GeneralizedTimelineACLs.pdf, YARN-2102.1.patch, YARN-2102.2.patch,
YARN-2102.3.patch, YARN-2102.5.patch
>
>
> We need to differentiate the access controls of reading and writing operations, and we
need to think about cross-entity access control. For example, if we are executing a workflow
of MR jobs, which writing the timeline data of this workflow, we don't want other user to
pollute the timeline data of the workflow by putting something under it.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
|