[ https://issues.apache.org/jira/browse/OOZIE-2897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Bacsko updated OOZIE-2897: -------------------------------- Description: In MapReduce, you can define properties like: {noformat} mapreduce.job.acl-view-job mapreduce.job.acl-modify-job {noformat} {{acl-view-job}} defines a list of users/groups who can retrieve the job statistics. {{acl-modify-job}} defines a list of users/groups who can kill a job or adjust the priority of it. Docs: https://hadoop.apache.org/docs/r1.2.1/mapred_tutorial.html#Job+Authorization In YARN, we can provide backward compatibility for these properties. Example code: {code} Map<ApplicationAccessType, String> acls = new HashMap<ApplicationAccessType, String>(); acls.put(ApplicationAccessType.MODIFY_APP, "*"); acls.put(ApplicationAccessType.VIEW_APP, "*"); amContainer.setApplicationACLs(acls); {code} This has to be done before application submission. We have to open {{mapred-site.xml}} and check if {{mapred.acls.enabled}} is true. If so, then read the values of view-job/modify-job and configure the launcher context as described above. was: In MapReduce, you can define properties like: {noformat} mapreduce.job.acl-view-job mapreduce.job.acl-modify-job {noformat} {{acl-view-job}} defines a list of users/groups who can retrieve the job statistics. {{acl-modify-job}} defines a list of users/groups who can kill a job or adjust the priority of it. In YARN, we can provide backward compatibility for these properties. Example code: {code} Map<ApplicationAccessType, String> acls = new HashMap<ApplicationAccessType, String>(); acls.put(ApplicationAccessType.MODIFY_APP, "*"); acls.put(ApplicationAccessType.VIEW_APP, "*"); amContainer.setApplicationACLs(acls); {code} This has to be done before application submission. We have to open {{mapred-site.xml}} and check if {{mapred.acls.enabled}} is true. If so, then read the values of view-job/modify-job and configure the launcher context as described above. > LauncherAM should support ACLs > ------------------------------ > > Key: OOZIE-2897 > URL: https://issues.apache.org/jira/browse/OOZIE-2897 > Project: Oozie > Issue Type: Sub-task > Reporter: Peter Bacsko > > In MapReduce, you can define properties like: > {noformat} > mapreduce.job.acl-view-job > mapreduce.job.acl-modify-job > {noformat} > {{acl-view-job}} defines a list of users/groups who can retrieve the job > statistics. {{acl-modify-job}} defines a list of users/groups who can kill a > job or adjust the priority of it. > Docs: > https://hadoop.apache.org/docs/r1.2.1/mapred_tutorial.html#Job+Authorization > In YARN, we can provide backward compatibility for these properties. Example > code: > {code} > Map<ApplicationAccessType, String> acls = new HashMap<ApplicationAccessType, > String>(); > acls.put(ApplicationAccessType.MODIFY_APP, "*"); > acls.put(ApplicationAccessType.VIEW_APP, "*"); > amContainer.setApplicationACLs(acls); > {code} > This has to be done before application submission. We have to open > {{mapred-site.xml}} and check if {{mapred.acls.enabled}} is true. If so, then > read the values of view-job/modify-job and configure the launcher context as > described above. -- This message was sent by Atlassian JIRA (v6.3.15#6346)