[
https://issues.apache.org/jira/browse/YARN-1853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14336880#comment-14336880
]
Andrey Stepachev commented on YARN-1853:
----------------------------------------
[~raviprak] not exactly. basically it does the same, but this patch also adds
check that user actually exists, and sends reject if not. without that check RM
will fail with exception and user will not know that request was failed due of
misconfiguration in user/group mapping.
> Allow containers to be ran under real user even in insecure mode
> ----------------------------------------------------------------
>
> Key: YARN-1853
> URL: https://issues.apache.org/jira/browse/YARN-1853
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: nodemanager, resourcemanager
> Affects Versions: 2.3.0
> Reporter: Andrey Stepachev
> Attachments: YARN-1853-trunk.patch, YARN-1853.patch
>
>
> Currently unsecure cluster runs all containers under one user (typically
> nobody). That is not appropriate, because yarn applications doesn't play well
> with hdfs having enabled permissions. Yarn applications try to write data (as
> expected) into /user/nobody regardless of user, who launched application.
> Another sideeffect is that it is not possible to configure cgroups for
> particular users.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
