This is documentation for MapR Version 5.0. You can also refer to MapR documentation for the latest release.

Skip to end of metadata
Go to start of metadata

You can control which users are able to submit jobs to the TaskTracker. By default, the TaskTracker is secured; all TaskTracker nodes should have the same user and group databases, and only users who are present on all TaskTracker nodes (same user ID on all nodes) can submit jobs. You can disallow certain users (including root or other superusers) from submitting jobs, or remove user restrictions from the TaskTracker completely.

Icon

You must restart the TaskTracker after changing a node's hostname.

To disallow root:

  1. Edit mapred-site.xml (MapReduce v1) and set mapred.tasktracker.task-controller.config.overwrite = false on all TaskTracker nodes.
  2. Edit taskcontroller.cfg and set min.user.id=0 on all TaskTracker nodes.
  3. Restart all TaskTrackers.

To disallow all superusers:

  1. Edit mapred-site.xml (MapReduce v1) and set mapred.tasktracker.task-controller.config.overwrite = false on all TaskTracker nodes.
  2. Edit taskcontroller.cfg and set min.user.id=1000 on all TaskTracker nodes.
  3. Restart all TaskTrackers.

To disallow specific users:

  1. Edit mapred-site.xml (MapReduce v1) and set mapred.tasktracker.task-controller.config.overwrite = false on all TaskTracker nodes.
  2. Edit taskcontroller.cfg and add the parameter banned.users on all TaskTracker nodes, setting it to a comma-separated list of usernames. Example:
  3. Restart all TaskTrackers.

To remove all user restrictions, and run all jobs as root:

  1. Edit mapred-site.xml (MapReduce v1) and set mapred.task.tracker.task-controller = org.apache.hadoop.mapred.DefaultTaskController on all TaskTracker nodes.
  2. Restart all TaskTrackers.
Icon

When you make the above setting, all jobs submitted by any user will run as root, and will have the ability to overwrite, delete, or damage data regardless of ownership or permissions.

  • No labels