[jira] [Updated] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
[ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vinod Kumar Vavilapalli updated YARN-6890: -- Fix Version/s: 2.8.2 3.0.0-beta1 > If UI is not secured, we allow user to kill other users' job even yarn > cluster is secured. > -- > > Key: YARN-6890 > URL: https://issues.apache.org/jira/browse/YARN-6890 > Project: Hadoop YARN > Issue Type: Bug >Reporter: Sumana Sathish >Assignee: Junping Du >Priority: Critical > Fix For: 3.0.0-beta1, 2.8.2 > > Attachments: YARN-6890.patch, YARN-6890-v2.patch, YARN-6890-v3.patch > > > Configuring SPNEGO for web browser could be a head ache, so many production > cluster choose to configure a unsecured UI access even for a secured cluster. > In this setup, users (login as some random guy) could watch other users job > which is expected. However, the kill button (added in YARN-3249 which enabled > by default) shouldn't work in this situation. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Updated] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
[ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junping Du updated YARN-6890: - Attachment: YARN-6890-v3.patch > If UI is not secured, we allow user to kill other users' job even yarn > cluster is secured. > -- > > Key: YARN-6890 > URL: https://issues.apache.org/jira/browse/YARN-6890 > Project: Hadoop YARN > Issue Type: Bug >Reporter: Sumana Sathish >Assignee: Junping Du >Priority: Critical > Attachments: YARN-6890.patch, YARN-6890-v2.patch, YARN-6890-v3.patch > > > Configuring SPNEGO for web browser could be a head ache, so many production > cluster choose to configure a unsecured UI access even for a secured cluster. > In this setup, users (login as some random guy) could watch other users job > which is expected. However, the kill button (added in YARN-3249 which enabled > by default) shouldn't work in this situation. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Updated] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
[ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junping Du updated YARN-6890: - Attachment: YARN-6890-v2.patch Update the patch to use "hadoop.http.authentication.type" for UI unsecure. > If UI is not secured, we allow user to kill other users' job even yarn > cluster is secured. > -- > > Key: YARN-6890 > URL: https://issues.apache.org/jira/browse/YARN-6890 > Project: Hadoop YARN > Issue Type: Bug >Reporter: Sumana Sathish >Assignee: Junping Du >Priority: Critical > Attachments: YARN-6890.patch, YARN-6890-v2.patch > > > Configuring SPNEGO for web browser could be a head ache, so many production > cluster choose to configure a unsecured UI access even for a secured cluster. > In this setup, users (login as some random guy) could watch other users job > which is expected. However, the kill button (added in YARN-3249 which enabled > by default) shouldn't work in this situation. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Updated] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
[ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junping Du updated YARN-6890: - Attachment: YARN-6890.patch The fix is straight-forward. > If UI is not secured, we allow user to kill other users' job even yarn > cluster is secured. > -- > > Key: YARN-6890 > URL: https://issues.apache.org/jira/browse/YARN-6890 > Project: Hadoop YARN > Issue Type: Bug >Reporter: Sumana Sathish >Assignee: Junping Du >Priority: Critical > Attachments: YARN-6890.patch > > > Configuring SPNEGO for web browser could be a head ache, so many production > cluster choose to configure a unsecured UI access even for a secured cluster. > In this setup, users (login as some random guy) could watch other users job > which is expected. However, the kill button (added in YARN-3249 which enabled > by default) shouldn't work in this situation. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
[jira] [Updated] (YARN-6890) If UI is not secured, we allow user to kill other users' job even yarn cluster is secured.
[ https://issues.apache.org/jira/browse/YARN-6890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Junping Du updated YARN-6890: - Target Version/s: 3.0.0-beta1, 2.8.2 (was: 2.8.2) > If UI is not secured, we allow user to kill other users' job even yarn > cluster is secured. > -- > > Key: YARN-6890 > URL: https://issues.apache.org/jira/browse/YARN-6890 > Project: Hadoop YARN > Issue Type: Bug >Reporter: Sumana Sathish >Assignee: Junping Du >Priority: Critical > > Configuring SPNEGO for web browser could be a head ache, so many production > cluster choose to configure a unsecured UI access even for a secured cluster. > In this setup, users (login as some random guy) could watch other users job > which is expected. However, the kill button (added in YARN-3249 which enabled > by default) shouldn't work in this situation. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
