[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16942396#comment-16942396
]
Eric Yang commented on YARN-9834:
-
{quote}Like I already explained in our meeting. There is no concrete
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16942361#comment-16942361
]
shanyu zhao commented on YARN-9834:
---
[~eyang] Please see my response inline:
{quote}The current patch
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16942349#comment-16942349
]
Eric Yang commented on YARN-9834:
-
There was a community meeting called to discuss this issue, people
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16932748#comment-16932748
]
shanyu zhao commented on YARN-9834:
---
[~eyang]
{quote}User's home directory may be used by multiple
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16932594#comment-16932594
]
Eric Yang commented on YARN-9834:
-
[~shanyu] There are too many security defects to list them all. I just
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16932085#comment-16932085
]
shanyu zhao commented on YARN-9834:
---
Thanks for the review [~eyang]. If you see any security hole in
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16932041#comment-16932041
]
Eric Yang commented on YARN-9834:
-
Sorry, this design looks too risky for me to consider. I will let
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16932009#comment-16932009
]
shanyu zhao commented on YARN-9834:
---
{quote}Given the reasoning of node manager running in Docker
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16931975#comment-16931975
]
Eric Yang commented on YARN-9834:
-
{quote}"host" in this scenario is the Docker container running node
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16931953#comment-16931953
]
shanyu zhao commented on YARN-9834:
---
{quote}I think host joining AD is required to keep authorized
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16931946#comment-16931946
]
Eric Yang commented on YARN-9834:
-
{quote}For SSSD to work it needs to have credentials to talk to LDAP,
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16931725#comment-16931725
]
shanyu zhao commented on YARN-9834:
---
[~eyang]
{quote}The mechanism doesn't need to be different between
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16931554#comment-16931554
]
Eric Yang commented on YARN-9834:
-
[~shanyu] {quote}You are talking about Docker container executor. What
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16930998#comment-16930998
]
shanyu zhao commented on YARN-9834:
---
[~eyang], You are talking about Docker container executor. What I
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16930980#comment-16930980
]
Eric Yang commented on YARN-9834:
-
[~shanyu] {quote}I forgot to mention that for Winbind/SSSD to work the
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16930945#comment-16930945
]
shanyu zhao commented on YARN-9834:
---
Thanks [~eyang]! I forgot to mention that for Winbind/SSSD to work
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16930716#comment-16930716
]
Eric Yang commented on YARN-9834:
-
[~shanyu] SSSD does not mirror all users, and it only caches users on
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16929804#comment-16929804
]
shanyu zhao commented on YARN-9834:
---
[~ashvin] I missed that file during git push, it is added now.
[
https://issues.apache.org/jira/browse/YARN-9834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16929676#comment-16929676
]
Ashvin commented on YARN-9834:
--
Hi [~shanyu]. I took a quick look at the pull request. Is it missing some
19 matches
Mail list logo