Uploaded image for project: 'Slider'
  1. Slider
  2. SLIDER-1114

Provide option to run components as different user(s)

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: Slider 0.80
    • Fix Version/s: Slider 1.0.0
    • Component/s: None
    • Labels:
      None

      Description

      Environment is slider .80 on Hadoop 2.6 secured cluster

      A component is launched for each distinct user of the service (via upgrade). E.g. when user A accesses service, do a "upgrade" and create a component for user A. When user B comes, create another component for user B etc.

      At present, all of these components are launched & run as single linux user - this is the user who launches slider AM.

      Security needs may demand that each component be run as its own linux user. This ask is similar to how secured Hadoop cluster launches MR jobs for user using user's login

      Expected ask is as follows ...

      Launch slider AM as user "admin"
      Run component for user A as user A's uid and gid
      Run component for user B as user B's uid and gid

      It seems this was thought about and then commented out in some version

      In version .80; resource_management/core/resources/system.py, I noticed that class Execute can take a parameter "user". Its not clear if and how this could be used. In core/shell.py, the logic around "user" is commented out with comment " Do not su to the supplied user"

        Attachments

          Activity

            People

            • Assignee:
              manojsamel Manoj Samel
              Reporter:
              manojsamel Manoj Samel
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: