Hitesh Shah commented on YARN-2102:

   - AccessControlList is limited private and not available to other users 
outside of HDFS and MapReduce
   - Is there a reason for not supporting separate list of users and groups? 
   - How is a user of this API expected to append a user to a list? Does the 
user need to do a get and then set? Obviously, if 2 users try to this in 
parallel, it will not work correctly due to the inherent non-atomic nature of 
the webservice. 
   - putNamespace or createNamespace? Or is put meant to denote upsert 
behavior? How is a user meant to update the namespace with additional 

> More generalized timeline ACLs
> ------------------------------
>                 Key: YARN-2102
>                 URL: https://issues.apache.org/jira/browse/YARN-2102
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: GeneralizedTimelineACLs.pdf, YARN-2102.1.patch, 
> YARN-2102.2.patch, YARN-2102.3.patch, YARN-2102.5.patch
> We need to differentiate the access controls of reading and writing 
> operations, and we need to think about cross-entity access control. For 
> example, if we are executing a workflow of MR jobs, which writing the 
> timeline data of this workflow, we don't want other user to pollute the 
> timeline data of the workflow by putting something under it.

This message was sent by Atlassian JIRA

Reply via email to