You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "Greg Phillips (JIRA)" <ji...@apache.org> on 2016/10/27 19:04:58 UTC
[jira] [Comment Edited] (YARN-5280) Allow YARN containers to run
with Java Security Manager
[ https://issues.apache.org/jira/browse/YARN-5280?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15612823#comment-15612823 ]
Greg Phillips edited comment on YARN-5280 at 10/27/16 7:04 PM:
---------------------------------------------------------------
[~rkanter] - Thank you for reviewing the patch.
# The test failures didn't appear in my local unit testing, I was able to pull the logs from jenkins and I am attempting to track down the issue. The checkstyle and warnings mostly relate to using proprietary API's for the java policy framework. There are a handful of other examples of this warning in the total hadoop build, though I could find a way to work around using them if necessary.
# The queue name is used to whitelist an application so that it doesn't run with the security manager enabled. I've investigated several mechanisms for creating this whitelist behavior, and using queues offered access control and the correct scope. This does mean AM implementations will need to set this property in order for whitelisting to work (and currently only MR has this set). I am definitely interested in ideas for other ways of whitelisting applications.
# - 6. I will have an update including these changes in the next patch.
was (Author: gphillips):
[~rkanter] - Thank you for reviewing the patch.
1. The test failures didn't appear in my local unit testing, I was able to pull the logs from jenkins and I am attempting to track down the issue. The checkstyle and warnings mostly relate to using proprietary API's for the java policy framework. There are a handful of other examples of this warning in the total hadoop build, though I could find a way to work around using them if necessary.
2. The queue name is used to whitelist an application so that it doesn't run with the security manager enabled. I've investigated several mechanisms for creating this whitelist behavior, and using queues offered access control and the correct scope. This does mean AM implementations will need to set this property in order for whitelisting to work (and currently only MR has this set). I am definitely interested in ideas for other ways of whitelisting applications.
3 - 6. I will have an update including these changes in the next patch.
> Allow YARN containers to run with Java Security Manager
> -------------------------------------------------------
>
> Key: YARN-5280
> URL: https://issues.apache.org/jira/browse/YARN-5280
> Project: Hadoop YARN
> Issue Type: New Feature
> Components: nodemanager, yarn
> Affects Versions: 2.6.4
> Reporter: Greg Phillips
> Assignee: Greg Phillips
> Priority: Minor
> Labels: oct16-medium
> Attachments: YARN-5280.001.patch, YARN-5280.002.patch, YARN-5280.patch, YARNContainerSandbox.pdf
>
>
> YARN applications have the ability to perform privileged actions which have the potential to add instability into the cluster. The Java Security Manager can be used to prevent users from running privileged actions while still allowing their core data processing use cases.
> Introduce a YARN flag which will allow a Hadoop administrator to enable the Java Security Manager for user code, while still providing complete permissions to core Hadoop libraries.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org