You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Karthik Kambatla (JIRA)" <ji...@apache.org> on 2016/09/01 22:01:20 UTC

[jira] [Comment Edited] (YARN-5549) AMLauncher.createAMContainerLaunchContext() should not log the command to be launched indiscriminately

    [ https://issues.apache.org/jira/browse/YARN-5549?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15456302#comment-15456302 ] 

Karthik Kambatla edited comment on YARN-5549 at 9/1/16 10:01 PM:
-----------------------------------------------------------------

The patch looks good, except for the following nits:
# The static imports make sense, but the rest of the code doesn't do it. Can we leave them out? If we choose to keep it, when logging "REDACTED etc." should use the statically imported version.
# Some of the changes are unrelated to the patch. To minimize conflicts, I would like for us to leave these out. 


was (Author: kasha):
The patch looks good, except for the following nits:
# The static imports make sense, but the rest of the code doesn't do it. Can we leave out. If we choose to keep it, when logging "REDACTED etc."
# Some of the changes are unrelated to the patch. To minimize conflicts, I would like for us to leave these out. 

> AMLauncher.createAMContainerLaunchContext() should not log the command to be launched indiscriminately
> ------------------------------------------------------------------------------------------------------
>
>                 Key: YARN-5549
>                 URL: https://issues.apache.org/jira/browse/YARN-5549
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: resourcemanager
>    Affects Versions: 2.7.2
>            Reporter: Daniel Templeton
>            Assignee: Daniel Templeton
>            Priority: Critical
>         Attachments: YARN-5549.001.patch, YARN-5549.002.patch, YARN-5549.003.patch, YARN-5549.004.patch, YARN-5549.005.patch, YARN-5549.006.patch
>
>
> The command could contain sensitive information, such as keystore passwords or AWS credentials or other.  Instead of logging it as INFO, we should log it as DEBUG and include a property to disable logging it at all.  Logging it to a different logger would also be viable and may create a smaller administrative footprint.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org