[GitHub] spark pull request #21514: [SPARK-22860] [Core] - hide key password from lin...
Github user jerryshao commented on a diff in the pull request: https://github.com/apache/spark/pull/21514#discussion_r194308977 --- Diff: core/src/main/scala/org/apache/spark/scheduler/cluster/StandaloneSchedulerBackend.scala --- @@ -100,7 +100,7 @@ private[spark] class StandaloneSchedulerBackend( val sparkJavaOpts = Utils.sparkJavaOpts(conf, SparkConf.isExecutorStartupConf) val javaOpts = sparkJavaOpts ++ extraJavaOpts val command = Command("org.apache.spark.executor.CoarseGrainedExecutorBackend", - args, sc.executorEnvs, classPathEntries ++ testingClassPath, libraryPathEntries, javaOpts) + args, sc.executorEnvs, classPathEntries ++ testingClassPath, libraryPathEntries, javaOpts.filterNot(_.startsWith("-Dspark.ssl.keyStorePassword")).filterNot(_.startsWith("-Dspark.ssl.keyPassword"))) --- End diff -- What about `*storePassword`? Actually I'm thinking of using Hadoop credential provider to store password (https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/CredentialProviderAPI.html) to avoid plaintext password. I have a local PR for this. --- - To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org
[GitHub] spark pull request #21514: [SPARK-22860] [Core] - hide key password from lin...
Github user jiangxb1987 commented on a diff in the pull request: https://github.com/apache/spark/pull/21514#discussion_r194296152 --- Diff: core/src/main/scala/org/apache/spark/scheduler/cluster/StandaloneSchedulerBackend.scala --- @@ -100,7 +100,7 @@ private[spark] class StandaloneSchedulerBackend( val sparkJavaOpts = Utils.sparkJavaOpts(conf, SparkConf.isExecutorStartupConf) val javaOpts = sparkJavaOpts ++ extraJavaOpts val command = Command("org.apache.spark.executor.CoarseGrainedExecutorBackend", - args, sc.executorEnvs, classPathEntries ++ testingClassPath, libraryPathEntries, javaOpts) + args, sc.executorEnvs, classPathEntries ++ testingClassPath, libraryPathEntries, javaOpts.filterNot(_.startsWith("-Dspark.ssl.keyStorePassword")).filterNot(_.startsWith("-Dspark.ssl.keyPassword"))) --- End diff -- If you really have to do this, I'd have: ``` javaOpts.filterNot { opt => opt.startsWith("-Dspark.ssl.keyStorePassword") || opt.startsWith("-Dspark.ssl.keyPassword") } ``` --- - To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org
[GitHub] spark pull request #21514: [SPARK-22860] [Core] - hide key password from lin...
GitHub user tooptoop4 opened a pull request: https://github.com/apache/spark/pull/21514 [SPARK-22860] [Core] - hide key password from linux ps listing ## What changes were proposed in this pull request? hide password from 'ps' linux command ## How was this patch tested? Existing tests Please review http://spark.apache.org/contributing.html before opening a pull request. I confirm this is my own work You can merge this pull request into a Git repository by running: $ git pull https://github.com/tooptoop4/spark spark22860 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/spark/pull/21514.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #21514 commit 380d97d84dda6617f531e29f1d477e2360d29dfd Author: Toop Date: 2018-06-08T23:26:02Z [SPARK-22860] [Core] - hide key password from linux ps listing --- - To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org