[
https://issues.apache.org/jira/browse/SLIDER-1114?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Josh Elser updated SLIDER-1114:
-------------------------------
Assignee: Manoj Samel
> Provide option to run components as different user(s)
> -----------------------------------------------------
>
> Key: SLIDER-1114
> URL: https://issues.apache.org/jira/browse/SLIDER-1114
> Project: Slider
> Issue Type: New Feature
> Affects Versions: Slider 0.80
> Reporter: Manoj Samel
> Assignee: Manoj Samel
>
> Environment is slider .80 on Hadoop 2.6 secured cluster
> A component is launched for each distinct user of the service (via upgrade).
> E.g. when user A accesses service, do a "upgrade" and create a component for
> user A. When user B comes, create another component for user B etc.
> At present, all of these components are launched & run as single linux user -
> this is the user who launches slider AM.
> Security needs may demand that each component be run as its own linux user.
> This ask is similar to how secured Hadoop cluster launches MR jobs for user
> using user's login
> Expected ask is as follows ...
> Launch slider AM as user "admin"
> Run component for user A as user A's uid and gid
> Run component for user B as user B's uid and gid
> It seems this was thought about and then commented out in some version
> In version .80; resource_management/core/resources/system.py, I noticed that
> class Execute can take a parameter "user". Its not clear if and how this
> could be used. In core/shell.py, the logic around "user" is commented out
> with comment " Do not su to the supplied user"
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
