[
https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15668629#comment-15668629
]
Greg Phillips commented on YARN-5280:
-------------------------------------
[~vvasudev] - thanks for the guidance. I have definitely run out of space in
the hadoop tmp dir in the past, and I completely agree that storing the
java.policy in the container private directory is a better solution. I have
made that modification, and I am currently testing it. For debugging purposes
users can inspect the generated java.policy file from within their application
using System.getSecurityManager(), or by providing client arguments for
security manager debugging. I will include notes on this in the javadoc, and
in future feature documentation.
The difficulty arises when moving the functionality from prepareContainer to
launchContainer. In particular I need to modify the actual java run command
instead of the container launch command. The only way I have found to modify
the run command found within the launch_container.sh is through the
LinuxContainerExecutor#writeLaunchEnv. A method which links the
LinuxContainerExecutor with the ContainerRuntime prior to the environment being
written seems necessary for this feature. I am very interested in your
thoughts on this matter.
> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
> Key: YARN-5280
> URL: https://issues.apache.org/jira/browse/YARN-5280
> Project: Hadoop YARN
> Issue Type: New Feature
> Components: nodemanager, yarn
> Affects Versions: 2.6.4
> Reporter: Greg Phillips
> Assignee: Greg Phillips
> Priority: Minor
> Labels: oct16-medium
> Attachments: YARN-5280.001.patch, YARN-5280.002.patch,
> YARN-5280.003.patch, YARN-5280.004.patch, YARN-5280.patch,
> YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have
> the potential to add instability into the cluster. The Java Security Manager
> can be used to prevent users from running privileged actions while still
> allowing their core data processing use cases.
> Introduce a YARN flag which will allow a Hadoop administrator to enable the
> Java Security Manager for user code, while still providing complete
> permissions to core Hadoop libraries.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
