[
https://issues.apache.org/jira/browse/YARN-1943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13969958#comment-13969958
]
Alejandro Abdelnur commented on YARN-1943:
------------------------------------------
Access to HDFS happens as Sally's username. While access to local resources in
the node, as nobody (or the user you configure). It was agreed that was a
security risk to allow user impersonation for the process without strong
authentication as you can easily fake anybody by setting the user.name Java
System property.
> Multitenant LinuxContainerExecutor is incompatible with Simple Security mode.
> -----------------------------------------------------------------------------
>
> Key: YARN-1943
> URL: https://issues.apache.org/jira/browse/YARN-1943
> Project: Hadoop YARN
> Issue Type: Bug
> Components: nodemanager
> Affects Versions: 2.3.0
> Reporter: jay vyas
> Priority: Critical
> Labels: linux
> Fix For: 2.3.0
>
>
> As of hadoop 2.3.0, commit cc74a18c makes it so that nonsecureLocalUser
> replaces the user who submits a job if security is disabled:
> {noformat}
> return UserGroupInformation.isSecurityEnabled() ? user : nonsecureLocalUser;
> {noformat}
> However, the only way to enable security, is to NOT use SIMPLE authentication
> mode:
> {noformat}
> public static boolean isSecurityEnabled() {
> return !isAuthenticationMethodEnabled(AuthenticationMethod.SIMPLE);
> }
> {noformat}
>
> Thus, the framework ENFORCES that "SIMPLE" login security --> nonSecureuser
> for submission of LinuxExecutorContainer.
> This results in a confusing issue, wherein we submit a job as "sally" and
> then get an exception that user "nobody" is not whitelisted and has UID <
> MAX_ID.
> My proposed solution is that we should be able to leverage
> LinuxContainerExector regardless of hadoop's view of the security settings on
> the cluster, i.e. decouple LinuxContainerExecutor logic from the
> "isSecurityEnabled" return value.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
