[
https://issues.apache.org/jira/browse/MAPREDUCE-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12845946#action_12845946
]
Amar Kamat commented on MAPREDUCE-1543:
---------------------------------------
bq. I prefer userid.
Is ugi fine? The reason being that we log username just for performance
reasons. In near future we might include group information too. It can we
viewed as a ugi with masked group information.
bq. I think the toString of ACLs should be maintained and cannot be changed, it
is a constraint. ..... Since we are using tabs as delimiters, maybe this is
less of an issue now.
+1
bq. Can you confirm if we are changing this to AdditionalInfo, I think that's
more general.
We can name it as 'description' or maybe 'additional-info'. I am fine with
both. +1 for making it a string.
bq. Umm, but we'll still need to treat these as 'Object' parameters and do a
toString on them to get a log, right ? I see that as no different from passing
a string.
+1.
bq. This was inline with the other audit patch and hence my suggestion.... we
can turn off success logs by configuring log level
+1. Good point.
> Log messages of JobACLsManager should use security logging of HADOOP-6586
> -------------------------------------------------------------------------
>
> Key: MAPREDUCE-1543
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-1543
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: security
> Reporter: Vinod K V
> Assignee: Amar Kamat
> Fix For: 0.22.0
>
> Attachments: mapreduce-1543-y20s.patch
>
>
> {{JobACLsManager}} added in MAPREDUCE-1307 logs the successes and failures
> w.r.t job-level authorization in the corresponding Daemons' logs. The log
> messages should instead use security logging of HADOOP-6586.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
