[
https://issues.apache.org/jira/browse/YARN-4629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15140729#comment-15140729
]
Steve Loughran commented on YARN-4629:
--------------------------------------
+1
I've already been testing a variant of this in slider; in a non-HA system it
works without any compatibility problems.
> Distributed shell breaks under strong security
> ----------------------------------------------
>
> Key: YARN-4629
> URL: https://issues.apache.org/jira/browse/YARN-4629
> Project: Hadoop YARN
> Issue Type: Bug
> Components: applications/distributed-shell, security
> Affects Versions: 2.7.1
> Environment: Secure cluster with the RM principal listed with a
> /_HOST entry to be expanded, most common with YARN HA enabled.
> Reporter: Daniel Templeton
> Assignee: Daniel Templeton
> Attachments: YARN-4629.001.patch, YARN-4629.002.patch,
> YARN-4629.003.patch, YARN-4629.004.patch
>
>
> If the auth_to_local is set to map requests from unknown hosts to nobody, the
> dist shell app fails. The reason is that the client doesn't translate the
> _HOST placeholder to the local hostname.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
