[ https://issues.apache.org/jira/browse/YARN-6791?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
YunFan Zhou updated YARN-6791: ------------------------------ Attachment: YARN-6791.003.patch > Add a new acl control to make YARN acl control perfect > ------------------------------------------------------ > > Key: YARN-6791 > URL: https://issues.apache.org/jira/browse/YARN-6791 > Project: Hadoop YARN > Issue Type: Improvement > Components: yarn > Affects Versions: 2.7.2 > Reporter: YunFan Zhou > Assignee: YunFan Zhou > Fix For: 2.7.2 > > Attachments: screenshot-1.png, screenshot-2.png, YARN-6791.001.patch, > YARN-6791.002.patch, YARN-6791.003.patch > > > The yarn application acl control is not so perfect which could let us pretty > confused sometimes. > !screenshot-1.png! > The yarn acl is disabled default, but when we enable it. > You will find the others who neither is yarn admin nor queue admin can not > view the application detail. > It will show something as blow in YARN RM web ui: > !screenshot-2.png! > So when we enable those configs, you will find it is very inconvenient to > view the application status > when use RM web ui. > There are two ways to solve the problem: > 1. To make the web ui more perfect, and can allow user to login as any uses > he want. > Besides, it should provide a perfect verification mechanism. > 2. Add a config in YarnConfiguration, which can allow some uses view any > applications he want. > But he has not modify permissions. > In this way, the user can view all applications but can not kill other users > applications. > Of the above two solutions, I will choose the second solution. > It is low cost but is more useful. > I will work on this, and upload the patch later. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org