diff --git hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/ConfiguredYarnAuthorizer.java hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/ConfiguredYarnAuthorizer.java index 90ba77a..855b6dc 100644 --- hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/ConfiguredYarnAuthorizer.java +++ hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/security/ConfiguredYarnAuthorizer.java @@ -18,16 +18,20 @@ package org.apache.hadoop.yarn.security; +import java.io.IOException; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.apache.hadoop.classification.InterfaceAudience.Private; import org.apache.hadoop.classification.InterfaceStability.Unstable; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.authorize.AccessControlList; import org.apache.hadoop.yarn.conf.YarnConfiguration; +import org.apache.hadoop.yarn.exceptions.YarnRuntimeException; import org.apache.hadoop.yarn.security.PrivilegedEntity.EntityType; /** @@ -38,6 +42,8 @@ @Unstable public class ConfiguredYarnAuthorizer extends YarnAuthorizationProvider { + static Log LOG = LogFactory.getLog(ConfiguredYarnAuthorizer.class); + private final ConcurrentMap> allAcls = new ConcurrentHashMap<>(); private volatile AccessControlList adminAcl = null; @@ -48,6 +54,13 @@ public void init(Configuration conf) { adminAcl = new AccessControlList(conf.get(YarnConfiguration.YARN_ADMIN_ACL, YarnConfiguration.DEFAULT_YARN_ADMIN_ACL)); + try { + adminAcl.addUser(UserGroupInformation.getCurrentUser(). + getShortUserName()); + } catch (IOException e) { + LOG.warn("Could not add current user to admin." + e); + throw new YarnRuntimeException(e); + } } @Override