You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "Remus Rusanu (JIRA)" <ji...@apache.org> on 2014/08/31 16:24:20 UTC
[jira] [Updated] (YARN-2458) Add file handling features to the
Windows Secure Container Executor LRPC service
[ https://issues.apache.org/jira/browse/YARN-2458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Remus Rusanu updated YARN-2458:
-------------------------------
Attachment: YARN-2458.1.patch
First pass at the issue, the patch attached works. I will do a second pass to fix some hacks (move the native method into NativeIO class and handle DLL loading).
> Add file handling features to the Windows Secure Container Executor LRPC service
> --------------------------------------------------------------------------------
>
> Key: YARN-2458
> URL: https://issues.apache.org/jira/browse/YARN-2458
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: nodemanager
> Reporter: Remus Rusanu
> Assignee: Remus Rusanu
> Labels: security, windows
> Attachments: YARN-2458.1.patch
>
>
> In the WSCE design the nodemanager needs to do certain privileged operations like change file ownership to arbitrary users or delete files owned by the task container user after completion of the task. As we want to remove the Administrator privilege requirement from the nodemanager service, we have to move these operations into the privileged LRPC helper service.
> Extend the RPC interface to contain methods for change file ownership and manipulate files, add JNI client side and implement the server side. This will piggyback on the existing LRPC service so is not much infrastructure to add (run as service, RPC init, authentictaion and authorization are already solved). It just needs to be implemented.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)