spark git commit: [SPARK-20239][CORE][2.1-BACKPORT] Improve HistoryServer's ACL mechanism
Repository: spark
Updated Branches:
  refs/heads/branch-2.1 2d47e1aaf -> 359382c03

[SPARK-20239][CORE][2.1-BACKPORT] Improve HistoryServer's ACL mechanism

Current SHS (Spark History Server) has two different ACLs:

* ACL of base URL, it is controlled by "spark.acls.enabled" or "spark.ui.acls.enabled", and with this enabled, only user configured with "spark.admin.acls" (or group) or "spark.ui.view.acls" (or group), or the user who started SHS could list all the applications, otherwise none of them can be listed. This will also affect REST APIs which list the summary of all apps and one app.
* Per application ACL. This is controlled by "spark.history.ui.acls.enabled". With this enabled only history admin user and user/group who ran this app can access the details of this app.

With these two ACLs, we may encounter several unexpected behaviors:

1. If base URL's ACL (`spark.acls.enable`) is enabled but user A has no view permission, user "A" cannot see the app list but could still access details of its own app.
2. If ACLs of base URL (`spark.acls.enable`) is disabled, then user "A" could download any application's event log, even if it is not run by user "A".
3. The changes of Live UI's ACL will affect History UI's ACL, which share the same conf file.

The unexpected behaviors are mainly because we have two different ACLs; ideally we should have only one to manage all.

So to improve SHS's ACL mechanism, this PR proposes to:

1. Disable "spark.acls.enable" and only use "spark.history.ui.acls.enable" for history server.
2. Check permission for event-log download REST API.

With this PR:

1. Admin user could see/download the list of all applications, as well as application details.
2. Normal user could see the list of all applications, but can only download and check the details of applications accessible to him.

New UTs are added, also verified in real cluster.

CC tgravescs vanzin please help to review, this PR changes the semantics you did previously. Thanks a lot.
Author: jerryshaoCloses #17755 from jerryshao/SPARK-20239-2.1-backport. Project: http://git-wip-us.apache.org/repos/asf/spark/repo Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/359382c0 Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/359382c0 Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/359382c0 Branch: refs/heads/branch-2.1 Commit: 359382c038d5836e95ee3ca871f3d1da5bc08148 Parents: 2d47e1a Author: jerryshao Authored: Tue Apr 25 15:21:12 2017 -0700 Committer: Marcelo Vanzin Committed: Tue Apr 25 15:21:12 2017 -0700 -- .../history/ApplicationHistoryProvider.scala| 4 ++-- .../spark/deploy/history/HistoryServer.scala| 20 +++- .../spark/status/api/v1/ApiRootResource.scala | 18 +++--- .../deploy/history/HistoryServerSuite.scala | 12 +++- 4 files changed, 43 insertions(+), 11 deletions(-) -- http://git-wip-us.apache.org/repos/asf/spark/blob/359382c0/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala -- diff --git a/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala b/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala index d7d8280..6d8758a 100644 --- a/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala +++ b/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala @@ -86,7 +86,7 @@ private[history] abstract class ApplicationHistoryProvider { * @return Count of application event logs that are currently under process */ def getEventLogsUnderProcess(): Int = { -return 0; +0 } /** @@ -95,7 +95,7 @@ private[history] abstract class ApplicationHistoryProvider { * @return 0 if this is undefined or unsupported, otherwise the last updated time in millis */ def getLastUpdatedTime(): Long = { -return 0; +0 } /** http://git-wip-us.apache.org/repos/asf/spark/blob/359382c0/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala -- 
diff --git a/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala b/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala index 7e21fa6..b02992a 100644 --- a/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala +++ b/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala @@ -269,7 +269,7 @@ object HistoryServer extends Logging { Utils.initDaemon(log) new HistoryServerArguments(conf, argStrings) initSecurity() -val securityManager = new
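Review bot: the ACL override in the HistoryServer.scala hunk at -269 (the `val securityManager = new` line right after `initSecurity()`) should come with a logged warning and a documentation note, because it changes what existing deployments expose. Per the commit message, `spark.acls.enable` is no longer honoured by the history server and a normal user can now list all applications, so an operator who had enabled the base-URL ACL to hide the application list loses that restriction on upgrade of a maintenance branch. Suggest logging at startup when a user-supplied `spark.acls.enable` or `spark.ui.acls.enable` value is being ignored, and stating in the security docs that only the history-specific ACL setting applies. The replacement line is cut off in this message, so whether such a warning already exists needs to be checked against the full commit.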
spark git commit: [SPARK-20239][CORE][2.1-BACKPORT] Improve HistoryServer's ACL mechanism
Repository: spark
Updated Branches:
  refs/heads/branch-2.0 ddf6dd88a -> 068500a4a

[SPARK-20239][CORE][2.1-BACKPORT] Improve HistoryServer's ACL mechanism

Current SHS (Spark History Server) has two different ACLs:

* ACL of base URL, it is controlled by "spark.acls.enabled" or "spark.ui.acls.enabled", and with this enabled, only user configured with "spark.admin.acls" (or group) or "spark.ui.view.acls" (or group), or the user who started SHS could list all the applications, otherwise none of them can be listed. This will also affect REST APIs which list the summary of all apps and one app.
* Per application ACL. This is controlled by "spark.history.ui.acls.enabled". With this enabled only history admin user and user/group who ran this app can access the details of this app.

With these two ACLs, we may encounter several unexpected behaviors:

1. If base URL's ACL (`spark.acls.enable`) is enabled but user A has no view permission, user "A" cannot see the app list but could still access details of its own app.
2. If ACLs of base URL (`spark.acls.enable`) is disabled, then user "A" could download any application's event log, even if it is not run by user "A".
3. The changes of Live UI's ACL will affect History UI's ACL, which share the same conf file.

The unexpected behaviors are mainly because we have two different ACLs; ideally we should have only one to manage all.

So to improve SHS's ACL mechanism, this PR proposes to:

1. Disable "spark.acls.enable" and only use "spark.history.ui.acls.enable" for history server.
2. Check permission for event-log download REST API.

With this PR:

1. Admin user could see/download the list of all applications, as well as application details.
2. Normal user could see the list of all applications, but can only download and check the details of applications accessible to him.

New UTs are added, also verified in real cluster.

CC tgravescs vanzin please help to review, this PR changes the semantics you did previously. Thanks a lot.
Author: jerryshaoCloses #17755 from jerryshao/SPARK-20239-2.1-backport. (cherry picked from commit 359382c038d5836e95ee3ca871f3d1da5bc08148) Signed-off-by: Marcelo Vanzin Project: http://git-wip-us.apache.org/repos/asf/spark/repo Commit: http://git-wip-us.apache.org/repos/asf/spark/commit/068500a4 Tree: http://git-wip-us.apache.org/repos/asf/spark/tree/068500a4 Diff: http://git-wip-us.apache.org/repos/asf/spark/diff/068500a4 Branch: refs/heads/branch-2.0 Commit: 068500a4a67d67112dcd012820388ca99df9a011 Parents: ddf6dd8 Author: jerryshao Authored: Tue Apr 25 15:21:12 2017 -0700 Committer: Marcelo Vanzin Committed: Tue Apr 25 15:21:24 2017 -0700 -- .../history/ApplicationHistoryProvider.scala| 4 ++-- .../spark/deploy/history/HistoryServer.scala| 20 +++- .../spark/status/api/v1/ApiRootResource.scala | 18 +++--- .../deploy/history/HistoryServerSuite.scala | 12 +++- 4 files changed, 43 insertions(+), 11 deletions(-) -- http://git-wip-us.apache.org/repos/asf/spark/blob/068500a4/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala -- diff --git a/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala b/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala index f3ea541..bc9fa70 100644 --- a/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala +++ b/core/src/main/scala/org/apache/spark/deploy/history/ApplicationHistoryProvider.scala @@ -84,7 +84,7 @@ private[history] abstract class ApplicationHistoryProvider { * @return Count of application event logs that are currently under process */ def getEventLogsUnderProcess(): Int = { -return 0; +0 } /** 
@@ -93,7 +93,7 @@ private[history] abstract class ApplicationHistoryProvider { * @return 0 if this is undefined or unsupported, otherwise the last updated time in millis */ def getLastUpdatedTime(): Long = { -return 0; +0 } /** http://git-wip-us.apache.org/repos/asf/spark/blob/068500a4/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala -- diff --git a/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala b/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala index 996c19e..44ce495 100644 --- a/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala +++ b/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala @@ -261,7 +261,7 @@ object HistoryServer extends Logging { Utils.initDaemon(log)
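Review bot: the `return 0;` to `0` edits in the two ApplicationHistoryProvider.scala hunks (`getEventLogsUnderProcess` and `getLastUpdatedTime`) are style cleanup unrelated to the ACL change and would be better left out of a cherry-pick onto a maintenance branch. They apply here at -84 and -93 where the branch-2.1 commit has them at -86 and -95, and the HistoryServer.scala hunk sits at -261 instead of -269, so the two branches already differ around this code; keeping the backport limited to HistoryServer.scala, ApiRootResource.scala and the HistoryServerSuite tests would make it easier to audit that the ACL behaviour is the same on both. The subject line also still carries `[2.1-BACKPORT]` although this commit lands on branch-2.0.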