datasophon
commented
9 months ago if yarn.acl.enable is set to false , is it necessary?
Closed thomasg19930417 closed 9 months ago
datasophon
commented
9 months ago if yarn.acl.enable is set to false , is it necessary?
thomasg19930417
commented
9 months ago We cannot control user behavior
thomasg19930417
commented
9 months ago HDFS status acquisition also involves similar issues
Search before asking
What happened
Operation failed: User root doesn't have permission to call 'getServiceState' at org.apache.hadoop.yarn.server.resourcemanager.RMServerUtils.verifyAdminAccess(RMServerUtils.java:420) at org.apache.hadoop.yarn.server.resourcemanager.RMServerUtils.verifyAdminAccess(RMServerUtils.java:385) at org.apache.hadoop.yarn.server.resourcemanager.AdminService.checkAccess(AdminService.java:229) at org.apache.hadoop.yarn.server.resourcemanager.AdminService.getServiceStatus(AdminService.java:382) at org.apache.hadoop.ha.protocolPB.HAServiceProtocolServerSideTranslatorPB.getServiceStatus(HAServiceProtocolServerSideTranslatorPB.java:148) at org.apache.hadoop.ha.proto.HAServiceProtocolProtos$HAServiceProtocolService$2.callBlockingMethod(HAServiceProtocolProtos.java:5415) at org.apache.hadoop.ipc.ProtobufRpcEngine$Server$ProtoBufRpcInvoker.call(ProtobufRpcEngine.java:528) at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:1086) at org.apache.hadoop.ipc.Server$RpcCall.run(Server.java:1029) at org.apache.hadoop.ipc.Server$RpcCall.run(Server.java:957) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:422) at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1762) at org.apache.hadoop.ipc.Server$Handler.run(Server.java:2957)
What you expected to happen
Regardless of whether acl is enabled or not, yarn ha status should be obtained normally.
How to reproduce
Get the value of yarn.admin.acl and su to this user to execute the command
Anything else
No response
Version
dev
Are you willing to submit PR?
Code of Conduct