Using the current working dir doesn’t work with openssl - it seems to gag on the long path in the unit test environment:
(Emulated the runtime execution to see this error): openssl ca -create_serial -out /Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/ca.crt -days 365 -keyfile /Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/ca.key -key 3QxUtKyILrV5Its1l8YiyyAKPMRq86Uxq0L5iDRtgVO3xAunFs -selfsign -extensions jdk7_ca -config /Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/ca.config -batch -infiles /Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/ca.csr Using configuration from /Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/ca.config Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'AU' stateOrProvinceName :PRINTABLE:'Some-State' organizationName :PRINTABLE:'Internet Widgits Pty Ltd' Certificate is to be certified until Jul 9 02:12:31 2015 GMT (365 days) Write out database with 1 new entries certificate file name too long 24151:error:02001002:system library:fopen:No such file or directory:/SourceCache/OpenSSL098/OpenSSL098-50/src/crypto/bio/bss_file.c:356:fopen('/Users/jmaron/dev/workspaces/slider-asf/incubator-slider/slider-core/target/TestActionExists/TestActionExists-localDir-nm-0_0/usercache/jmaron/appcache/application_1404871405081_0001/container_1404871405081_0001_01_000001/security/db/serial','r') 24151:error:20074002:BIO routines:FILE_CTRL:system lib:/SourceCache/OpenSSL098/OpenSSL098-50/src/crypto/bio/bss_file.c:358: Is there any objection if I simply go with a unique temp dir per app master for creating the app master security directory structure (stores certs, keystones etc, all password protected)? — Jon On Jul 8, 2014, at 1:10 PM, Sumit Mohanty <smoha...@hortonworks.com> wrote: > /hadoop/yarn/local/usercache/yarn/appcache/application_ > 1404328298542_0019/container_1404328298542_0019_01_000002 is the working > dir. > > For example, agent refers to a sub-dir within as > "${AGENT_WORK_ROOT}/app/run" > > > On Tue, Jul 8, 2014 at 9:28 AM, Jon Maron <jma...@hortonworks.com> wrote: > >> Perhaps it's simply the working dir? I'll give that a try... >> >>> On Jul 8, 2014, at 11:56 AM, Jon Maron <jma...@hortonworks.com> wrote: >>> >>> Hi, >>> >>> In my current commit I am placing SSL security files for the slider app >> master in /home/yarn/.slider/security. They are created dynamically by the >> application master. I’d prefer to specify the appropriate, container >> associated directory (under /hadoop/yarn/…, I imagine). This would allow >> for a clean removal of the files (I suppose the argument could be made that >> the host based certificate can be reused by relaunched app masters, but I >> imagine the creation of new cert stores etc for a given app master has >> advantages as well). However, I still haven’t found what looks to be the >> acceptable/approved way for ascertaining that location (API etc), e.g. >>> >>> >> /hadoop/yarn/local/usercache/yarn/appcache/application_1404328298542_0019/container_1404328298542_0019_01_000002/infra >>> >>> Anyone know the API to invoke or system property to retrieve this >> directory? >>> >>> Thanks! >>> >>> — Jon >>> >> >> -- >> CONFIDENTIALITY NOTICE >> NOTICE: This message is intended for the use of the individual or entity to >> which it is addressed and may contain information that is confidential, >> privileged and exempt from disclosure under applicable law. If the reader >> of this message is not the intended recipient, you are hereby notified that >> any printing, copying, dissemination, distribution, disclosure or >> forwarding of this communication is strictly prohibited. If you have >> received this communication in error, please contact the sender immediately >> and delete it from your system. Thank You. >> > > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity to > which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.