You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "Dongjoon Hyun (Jira)" <ji...@apache.org> on 2020/03/16 22:53:03 UTC

[jira] [Updated] (SPARK-30256) Allow SparkLauncher to sudo before executing spark-submit

     [ https://issues.apache.org/jira/browse/SPARK-30256?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dongjoon Hyun updated SPARK-30256:
----------------------------------
    Affects Version/s:     (was: 3.0.0)
                       3.1.0

> Allow SparkLauncher to sudo before executing spark-submit
> ---------------------------------------------------------
>
>                 Key: SPARK-30256
>                 URL: https://issues.apache.org/jira/browse/SPARK-30256
>             Project: Spark
>          Issue Type: Improvement
>          Components: Spark Submit
>    Affects Versions: 3.1.0
>            Reporter: Jeff Evans
>            Priority: Minor
>
> It would be useful if {{org.apache.spark.launcher.SparkLauncher}} allowed for a "sudo as user X" option.  This way, multi-tenant applications that run Spark jobs could give end users greater security, by ensuring that the files (including, importantly, keytabs) can remain readable only by the end users instead of the UID that runs this multi-tenant application itself.  I believe that {{sudo -u <theUser> spark-submit <spark-submit-args>}} should work.  The builder maintained by {{SparkLauncher}} could simply have a {{setSudoUser}} method.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org