Posted to yarn-issues@hadoop.apache.org by "Eric Yang (JIRA)" <ji...@apache.org> on 2018/07/24 18:02:01 UTC

[jira] [Created] (YARN-8571) Validate service principal format prior to launching yarn service

Eric Yang created YARN-8571:
-------------------------------

             Summary: Validate service principal format prior to launching yarn service
                 Key: YARN-8571
                 URL: https://issues.apache.org/jira/browse/YARN-8571
             Project: Hadoop YARN
          Issue Type: Bug
          Components: security, yarn
    Affects Versions: 3.1.0
            Reporter: Eric Yang
            Assignee: Eric Yang


Hadoop client and server interaction is designed to validate the service principal before an RPC request is permitted.  In YARN service, the same security model is enforced to prevent replay attacks.   However, an end user might submit JSON that looks like this to the YARN service REST API:

{code}
{
  "name": "sleeper-service",
  "version": "1.0.0",
  "components" :
  [
    {
      "name": "sleeper",
      "number_of_containers": 2,
      "launch_command": "sleep 900000",
      "resource": {
        "cpus": 1,
        "memory": "256"
      }
    }
  ],
  "kerberos_principal" : {
    "principal_name" : "ambari-qa@EXAMPLE.COM",
    "keytab" : "file:///etc/security/keytabs/smokeuser.headless.keytab"
  }
}
{code}

The Kerberos principal is an end user Kerberos principal instead of a service principal.  This does not work properly because the YARN service application master is required to run with a service principal to communicate with the YARN CLI client via Hadoop RPC.  Without breaking Hadoop security design in this JIRA, it might be in our best interest to validate principal_name during submission, and report an error message when someone tries to run a YARN service with a user principal.




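A pre-submission check for the principal_name problem reported above, as an added example that is not part of the original message and not the Hadoop project's code. It assumes the conventional Kerberos form primary/instance@REALM for a service principal; the function name and the second sample spec are constructed for illustration.

```python
import json
import re

# Assumed rule (not stated in the report): a service principal has the
# conventional Kerberos form primary/instance@REALM, while a user
# principal has no instance part (primary@REALM).
PRINCIPAL_RE = re.compile(
    r"^(?P<primary>[^/@\s]+)(?:/(?P<instance>[^/@\s]+))?@(?P<realm>[^/@\s]+)$"
)


def check_service_principal(spec_json):
    """Return a list of error strings for the spec's kerberos_principal."""
    spec = json.loads(spec_json)
    kerberos = spec.get("kerberos_principal")
    if not kerberos:
        return []  # no Kerberos block, nothing to validate here
    name = kerberos.get("principal_name")
    if not isinstance(name, str) or not name.strip():
        return ["kerberos_principal.principal_name is missing or empty"]
    match = PRINCIPAL_RE.match(name.strip())
    if match is None:
        return [f"'{name}' is not of the form primary[/instance]@REALM"]
    if match.group("instance") is None:
        return [
            f"'{name}' is a user principal (no instance part); "
            "a service principal such as primary/host@REALM is required"
        ]
    return []


# Constructed sample specs: the first uses the principal from the report,
# the second a constructed service principal and keytab path.
USER_SPEC = json.dumps({
    "name": "sleeper-service",
    "kerberos_principal": {
        "principal_name": "ambari-qa@EXAMPLE.COM",
        "keytab": "file:///etc/security/keytabs/smokeuser.headless.keytab",
    },
})
SERVICE_SPEC = json.dumps({
    "name": "sleeper-service",
    "kerberos_principal": {
        "principal_name": "sleeper/host1.example.com@EXAMPLE.COM",
        "keytab": "file:///etc/security/keytabs/sleeper.service.keytab",
    },
})

if __name__ == "__main__":
    for label, spec in (("user", USER_SPEC), ("service", SERVICE_SPEC)):
        print(label, check_service_principal(spec) or "OK")
```

Rejecting the spec at submission time gives the submitter a direct error message instead of a service that launches and then fails on RPC.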