[jira] Updated: (HADOOP-5419) Provide a way for users to find out what operations they can do on which M/R queues

Thu, 02 Apr 2009 10:56:35 -0700 

     [ 
https://issues.apache.org/jira/browse/HADOOP-5419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

rahul k singh updated HADOOP-5419:
----------------------------------

    Attachment: hadoop-5419.patch

uploaded the latest patch with suggestions after discussion with hemanth.

In addition mentioning some points about the fix , which weren't very clear 
from my update above.

-Added new API in JobSubmissionProtocol getQueueAclsInfo.it takes username and 
returns QueueAclsInfo class

-Created new QueueAclsInfo class , it is a Writable class.

-QueueManager implements the method and synchronized. The method is 
synchronized because aclsMap in QueueManger might get (incase of automatic acls 
refresh feature)refreshed.This if happens will lead to issues.

-In JobClient we are doing {code}    ugi = UnixUserGroupInformation.login(job, 
true);
      UnixUserGroupInformation.setCurrentUser(ugi);{code}
This is done so that we get ugi value in JobQueueClient which displaying the 
acls info , as we are displaying username. Anythoughts?

-We had discussed about the web ui part , we thought that any user seeing other 
acls might lead to some issues. If at all we allow this we need to define 
special kind of user permissions (for example : administrator) so that those 
users can view the acls of all the users.

> Provide a way for users to find out what operations they can do on which M/R 
> queues
> -----------------------------------------------------------------------------------
>
>                 Key: HADOOP-5419
>                 URL: https://issues.apache.org/jira/browse/HADOOP-5419
>             Project: Hadoop Core
>          Issue Type: Improvement
>          Components: mapred
>            Reporter: Hemanth Yamijala
>            Assignee: rahul k singh
>         Attachments: hadoop-5419.patch, hadoop-5419.patch, hadoop-5419.patch
>
>
> This issue is to provide an improvement on the existing M/R framework to let 
> users know which queues they have access to, and for what operations. One use 
> case for this would that currently there is no easy way to know if the user 
> has access to submit jobs to a queue, until it fails with an access control 
> exception.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to