Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-9068

Enhance ACL to set a list of users to access container shell

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None

    Description

      YARN service might be running as a service user, e.g. hbase user. In order to get into docker container owned by hbase user. A human user needs to be either part of YARN admin, or obtain hbase user kerberos credential. It would be nice to add enhancement to YARN service and docker support to have a list of allowed human users other than YARN admin to have access to hbase user's container.

      Attachments

        Issue Links

          relates to

          Sub-task - The sub-task of the issue YARN-8838 Add security check for container user is same as websocket user

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              eyang Eric Yang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: