[ https://issues.apache.org/jira/browse/YARN-2894?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14231076#comment-14231076 ]
Hadoop QA commented on YARN-2894: --------------------------------- {color:green}+1 overall{color}. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12684562/YARN-2894.1.patch against trunk revision 9fa2990. {color:green}+1 @author{color}. The patch does not contain any @author tags. {color:green}+1 tests included{color}. The patch appears to include 8 new or modified test files. {color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings. {color:green}+1 javadoc{color}. There were no new javadoc warning messages. {color:green}+1 eclipse:eclipse{color}. The patch built with eclipse:eclipse. {color:green}+1 findbugs{color}. The patch does not introduce any new Findbugs (version 2.0.3) warnings. {color:green}+1 release audit{color}. The applied patch does not increase the total number of release audit warnings. {color:green}+1 core tests{color}. The patch passed unit tests in hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager. {color:green}+1 contrib tests{color}. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-YARN-Build/5970//testReport/ Console output: https://builds.apache.org/job/PreCommit-YARN-Build/5970//console This message is automatically generated. > When ACL's are enabled, if RM switches then application can not be viewed > from web. > ----------------------------------------------------------------------------------- > > Key: YARN-2894 > URL: https://issues.apache.org/jira/browse/YARN-2894 > Project: Hadoop YARN > Issue Type: Bug > Components: resourcemanager > Affects Versions: 2.6.0 > Reporter: Rohith > Assignee: Rohith > Fix For: 2.7.0 > > Attachments: YARN-2894.1.patch, YARN-2894.patch > > > Binding aclManager to RMWebApp would cause problem if RM is switched. There > could be some validation check may fail. > I think , we should not bind aclManager for RMWebApp, instead we should get > from RM instance. > In RMWebApp, > {code} > if (rm != null) { > bind(ResourceManager.class).toInstance(rm); > bind(RMContext.class).toInstance(rm.getRMContext()); > bind(ApplicationACLsManager.class).toInstance( > rm.getApplicationACLsManager()); > bind(QueueACLsManager.class).toInstance(rm.getQueueACLsManager()); > } > {code} > and in AppBlock#render below check may fail(Need to test and confirm) > {code} > if (callerUGI != null > && !(this.aclsManager.checkAccess(callerUGI, > ApplicationAccessType.VIEW_APP, app.getUser(), appID) || > this.queueACLsManager.checkAccess(callerUGI, > QueueACL.ADMINISTER_QUEUE, app.getQueue()))) { > puts("You (User " + remoteUser > + ") are not authorized to view application " + appID); > return; > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)