hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greg Phillips (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (YARN-5280) Allow YARN containers to run with Java Security Manager
Date Thu, 27 Oct 2016 19:04:58 GMT

    [ https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15612823#comment-15612823
] 

Greg Phillips edited comment on YARN-5280 at 10/27/16 7:04 PM:
---------------------------------------------------------------

[~rkanter] - Thank you for reviewing the patch.

# The test failures didn't appear in my local unit testing, I was able to pull the logs from
jenkins and I am attempting to track down the issue.  The checkstyle and warnings mostly relate
to using proprietary API's for the java policy framework.  There are a handful of other examples
of this warning in the total hadoop build, though I could find a way to work around using
them if necessary.
# The queue name is used to whitelist an application so that it doesn't run with the security
manager enabled.  I've investigated several mechanisms for creating this whitelist behavior,
and using queues offered access control and the correct scope.  This does mean AM implementations
will need to set this property in order for whitelisting to work (and currently only MR has
this set).  I am definitely interested in ideas for other ways of  whitelisting applications.
# - 6. I will have an update including these changes in the next patch.


was (Author: gphillips):
[~rkanter] - Thank you for reviewing the patch.

1. The test failures didn't appear in my local unit testing, I was able to pull the logs from
jenkins and I am attempting to track down the issue.  The checkstyle and warnings mostly relate
to using proprietary API's for the java policy framework.  There are a handful of other examples
of this warning in the total hadoop build, though I could find a way to work around using
them if necessary.
2. The queue name is used to whitelist an application so that it doesn't run with the security
manager enabled.  I've investigated several mechanisms for creating this whitelist behavior,
and using queues offered access control and the correct scope.  This does mean AM implementations
will need to set this property in order for whitelisting to work (and currently only MR has
this set).  I am definitely interested in ideas for other ways of  whitelisting applications.
3 - 6. I will have an update including these changes in the next patch.

> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
>                 Key: YARN-5280
>                 URL: https://issues.apache.org/jira/browse/YARN-5280
>             Project: Hadoop YARN
>          Issue Type: New Feature
>          Components: nodemanager, yarn
>    Affects Versions: 2.6.4
>            Reporter: Greg Phillips
>            Assignee: Greg Phillips
>            Priority: Minor
>              Labels: oct16-medium
>         Attachments: YARN-5280.001.patch, YARN-5280.002.patch, YARN-5280.patch, YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have the potential
to add instability into the cluster. The Java Security Manager can be used to prevent users
from running privileged actions while still allowing their core data processing use cases.

> Introduce a YARN flag which will allow a Hadoop administrator to enable the Java Security
Manager for user code, while still providing complete permissions to core Hadoop libraries.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message