You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@bigtop.apache.org by "Aaron T. Myers (JIRA)" <ji...@apache.org> on 2013/10/02 00:34:23 UTC
[jira] [Commented] (BIGTOP-1050) Permissions on YARN LCE should be
4754
[ https://issues.apache.org/jira/browse/BIGTOP-1050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13783427#comment-13783427 ]
Aaron T. Myers commented on BIGTOP-1050:
----------------------------------------
+1, looks good to me.
The 4x5x is what's actually necessary for the whole thing to work properly, and my understanding of preferred Linux packaging guidelines suggests that x7xx is the right thing to do when the file is owned by root because lesser permissions would be pointless, and xxx4 is the right thing to do when a file should not be executable by ordinary users because lesser permissions would be pointless (the code is OSS so nothing to hide in the binary) and we can't have greater permissions and maintain correctness.
> Permissions on YARN LCE should be 4754
> --------------------------------------
>
> Key: BIGTOP-1050
> URL: https://issues.apache.org/jira/browse/BIGTOP-1050
> Project: Bigtop
> Issue Type: Bug
> Reporter: Sean Mackrory
> Assignee: Sean Mackrory
> Attachments: 0001-BIGTOP-1050.-Permissions-on-YARN-LCE-should-be-4754.patch
>
>
> The permissions we set for the YARN container executor are not exactly correct and are different from what we used to set for the MRv1 task containers. The requirements for the permissions are as follows:
> * Readable/executable by the group
> * Not executable by others
> * Not writable by others
> * Set UID
> * Owned by root
> I've tested this in YARN and have tested that I can still submit and run jobs successfully with these new permissions. This is somewhat second-hand information, so I'll CC [~atm] in case I've missed any important details or context...
--
This message was sent by Atlassian JIRA
(v6.1#6144)