[
https://issues.apache.org/jira/browse/YARN-8091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16420066#comment-16420066
]
Sergey Shelukhin commented on YARN-8091:
----------------------------------------
The patch looks good to me, although I was only able to test on non-secure
cluster, don't have a kerberized one handy.
I deployed on some cluster and can see {noformat}
<rmQueueAclInfo>
<allowed>false</allowed>
<user>hive1</user>
<diagnostics>
User=hive1 doesn't have access to queue=foo with acl-type=SUBMIT_APPLICATIONS
</diagnostics>
</rmQueueAclInfo>
...
<rmQueueAclInfo>
<allowed>true</allowed>
<user>hive1</user>
<diagnostics/>
</rmQueueAclInfo>
{noformat}
> Revisit checkUserAccessToQueue RM REST API
> ------------------------------------------
>
> Key: YARN-8091
> URL: https://issues.apache.org/jira/browse/YARN-8091
> Project: Hadoop YARN
> Issue Type: Task
> Reporter: Wangda Tan
> Assignee: Wangda Tan
> Priority: Critical
> Attachments: YARN-8091.001.patch
>
>
> As offline suggested by [~sershe]. Currently design of the
> checkUserAccessToQueue mixed config-related issues (like user doesn't access
> to the URL) and user-facing output (like requested user is not permitted to
> access the queue) in the same code.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
