[
https://issues.apache.org/jira/browse/BIGTOP-1050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13783427#comment-13783427
]
Aaron T. Myers commented on BIGTOP-1050:
----------------------------------------
+1, looks good to me.
The 4x5x is what's actually necessary for the whole thing to work properly, and
my understanding of preferred Linux packaging guidelines suggests that x7xx is
the right thing to do when the file is owned by root because lesser permissions
would be pointless, and xxx4 is the right thing to do when a file should not be
executable by ordinary users because lesser permissions would be pointless (the
code is OSS so nothing to hide in the binary) and we can't have greater
permissions and maintain correctness.
> Permissions on YARN LCE should be 4754
> --------------------------------------
>
> Key: BIGTOP-1050
> URL: https://issues.apache.org/jira/browse/BIGTOP-1050
> Project: Bigtop
> Issue Type: Bug
> Reporter: Sean Mackrory
> Assignee: Sean Mackrory
> Attachments:
> 0001-BIGTOP-1050.-Permissions-on-YARN-LCE-should-be-4754.patch
>
>
> The permissions we set for the YARN container executor are not exactly
> correct and are different from what we used to set for the MRv1 task
> containers. The requirements for the permissions are as follows:
> * Readable/executable by the group
> * Not executable by others
> * Not writable by others
> * Set UID
> * Owned by root
> I've tested this in YARN and have tested that I can still submit and run jobs
> successfully with these new permissions. This is somewhat second-hand
> information, so I'll CC [~atm] in case I've missed any important details or
> context...
--
This message was sent by Atlassian JIRA
(v6.1#6144)
