[
https://issues.apache.org/jira/browse/YARN-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14101677#comment-14101677
]
Ravi Prakash commented on YARN-2424:
------------------------------------
Hi Tucu! Thanks for your comment. There is currently capability to blacklist /
whitelist users in the container-executor.cfg file. Given this capability, do
you think in a properly configured cluster, yarn tasks launching as different
users could create problems? This is with the assumption that most clusters do
not have NFS mounts on the slave nodes.
As an aside I think it would be good to add a blacklist + whitelist for groups
as well.
> LCE should support non-cgroups, non-secure mode
> -----------------------------------------------
>
> Key: YARN-2424
> URL: https://issues.apache.org/jira/browse/YARN-2424
> Project: Hadoop YARN
> Issue Type: Bug
> Components: nodemanager
> Affects Versions: 2.3.0, 2.4.0, 2.5.0, 2.4.1
> Reporter: Allen Wittenauer
> Priority: Blocker
> Attachments: YARN-2424.patch
>
>
> After YARN-1253, LCE no longer works for non-secure, non-cgroup scenarios.
> This is a fairly serious regression, as turning on LCE prior to turning on
> full-blown security is a fairly standard procedure.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
