hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greg Senia (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3452) Bogus token usernames cause many invalid group lookups
Date Fri, 06 Nov 2015 17:20:11 GMT

    [ https://issues.apache.org/jira/browse/YARN-3452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14994017#comment-14994017
] 

Greg Senia commented on YARN-3452:
----------------------------------

[~jlowe] just confirmed that HADOOP-12413 does seem to fix it.. Just ran a test with the else
if block... I think as a safety measure for the time being I may still keep my tactical fix
but I'll move the regex to compile once as if the LDAP storm from our jobs show up again I'm
going to have a bad day :)


Confirmed it never was sent out to NSS/LDAP
appattempt_1446307555640_0052_000001

> Bogus token usernames cause many invalid group lookups
> ------------------------------------------------------
>
>                 Key: YARN-3452
>                 URL: https://issues.apache.org/jira/browse/YARN-3452
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: security
>            Reporter: Jason Lowe
>
> YARN uses a number of bogus usernames for tokens, like application attempt IDs for NM
tokens or even the hardcoded "testing" for the container localizer token.  These tokens cause
the RPC layer to do group lookups on these bogus usernames which will never succeed but can
take a long time to perform.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message