[
https://issues.apache.org/jira/browse/YARN-2102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14114285#comment-14114285
]
Hitesh Shah commented on YARN-2102:
-----------------------------------
Comments:
- AccessControlList is limited private and not available to other users
outside of HDFS and MapReduce
- Is there a reason for not supporting separate list of users and groups?
- How is a user of this API expected to append a user to a list? Does the
user need to do a get and then set? Obviously, if 2 users try to this in
parallel, it will not work correctly due to the inherent non-atomic nature of
the webservice.
- putNamespace or createNamespace? Or is put meant to denote upsert
behavior? How is a user meant to update the namespace with additional
readers/writers?
> More generalized timeline ACLs
> ------------------------------
>
> Key: YARN-2102
> URL: https://issues.apache.org/jira/browse/YARN-2102
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Zhijie Shen
> Assignee: Zhijie Shen
> Attachments: GeneralizedTimelineACLs.pdf, YARN-2102.1.patch,
> YARN-2102.2.patch, YARN-2102.3.patch, YARN-2102.5.patch
>
>
> We need to differentiate the access controls of reading and writing
> operations, and we need to think about cross-entity access control. For
> example, if we are executing a workflow of MR jobs, which writing the
> timeline data of this workflow, we don't want other user to pollute the
> timeline data of the workflow by putting something under it.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
