Github user vanzin commented on the pull request:
https://github.com/apache/spark/pull/2320#issuecomment-185447671
> @vanzin : as @tgravescs mentioned, it did not work anymore hence the need
to fix it.
The fix for the bug Tom mentions is separate from distributing keytabs or
delegation tokens in an insecure deployment, which is what I'm strongly against.
> Standalone mode serve different purpose than running in YARN. Most
deployment would be for small clusters and semi-private mode where we assume
safe way to add keytab for users of Spark.
Sorry, I disagree. If you have kerberos, it means you care about security,
and here you'd be adding a mechanism for Spark to completely break that.
So: I'm ok with a fix that allows the workaround I mentioned above which
seems to be broken by SPARK-2541. I'm against any fix that means exposing
user's keytabs or delegation tokens to other users, regardless of whether you
think it's ok in your own environment.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
