[
https://issues.apache.org/jira/browse/YARN-5549?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Templeton updated YARN-5549:
-----------------------------------
Attachment: YARN-5549.001.patch
Here's a patch. I decided that a separate logger wouldn't make sense unless it
were for the whole of the {{AMLauncher}} class, which is superfluous since the
loggers can be configured at the class level. Configuring the {{AMLauncher}}
logger not to log is too heavy-handed of a solution, though, so this JIRA is
still needed.
In the case that the command line logging is disabled, I still log a message,
just without the risky data, to minimize admin confusion.
I also did a tiny bit of cleanup. I can't help myself.
> AMLauncher.createAMContainerLaunchContext() should not log the command to be
> launched indiscriminately
> ------------------------------------------------------------------------------------------------------
>
> Key: YARN-5549
> URL: https://issues.apache.org/jira/browse/YARN-5549
> Project: Hadoop YARN
> Issue Type: Bug
> Components: resourcemanager
> Reporter: Daniel Templeton
> Assignee: Daniel Templeton
> Priority: Critical
> Attachments: YARN-5549.001.patch
>
>
> The command could contain sensitive information, such as keystore passwords
> or AWS credentials or other. Instead of logging it as INFO, we should log it
> as DEBUG and include a property to disable logging it at all. Logging it to
> a different logger would also be viable and may create a smaller
> administrative footprint.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
