[
https://issues.apache.org/jira/browse/TWILL-165?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Poorna Chandra updated TWILL-165:
---------------------------------
Description:
Even though a container is launched as user "cdap", we get a "Permission
Denied" exception while writing to a directory owned by cdap from that
container. On further investigation, we found that the container process is
running as yarn and not as cdap. Hence it is not able to write to directory
owned by user cdap.
For now a work-around suggested by [~chtyim] would be to create Filesystem
object using cdap's UGI, and use the Filesystem object to create a file.
{code}
FileSystem fs = UserGroupInformation.createRemoteUser("some_user").doAs(
new PrivilegedExceptionAction<FileSystem>() {
@Override
public FileSystem run() throws Exception {
//...
}
})
{code}
We should figure out how to get the container to run as the user who launched
it, so that this workaround is not required.
was:
Even though a container is launched as user "cdap", we get a "Permission
Denied" exception while writing to a directory owned by cdap from that
container. On further investigation, we found that the container process is
running as yarn and not as cdap. Hence it is not able to write to directory
owned by user cdap.
For now a work-around suggested by [~chtyim] would be to create Filesystem
object using cdap's UGI, and use the Filesystem object to create a file.
{code}
FileSystem fs = UserGroupInformation.createRemoteUser("some_user").doAs(
...
)
{code}
We should figure out how to get the container to run as the user who launched
it, so that this workaround is not required.
> Permission denied while trying to write to local file in non-secure cluster
> ---------------------------------------------------------------------------
>
> Key: TWILL-165
> URL: https://issues.apache.org/jira/browse/TWILL-165
> Project: Apache Twill
> Issue Type: Bug
> Components: core
> Affects Versions: 0.7.0-incubating
> Reporter: Poorna Chandra
>
> Even though a container is launched as user "cdap", we get a "Permission
> Denied" exception while writing to a directory owned by cdap from that
> container. On further investigation, we found that the container process is
> running as yarn and not as cdap. Hence it is not able to write to directory
> owned by user cdap.
> For now a work-around suggested by [~chtyim] would be to create Filesystem
> object using cdap's UGI, and use the Filesystem object to create a file.
> {code}
> FileSystem fs = UserGroupInformation.createRemoteUser("some_user").doAs(
> new PrivilegedExceptionAction<FileSystem>() {
> @Override
> public FileSystem run() throws Exception {
> //...
> }
> })
> {code}
> We should figure out how to get the container to run as the user who launched
> it, so that this workaround is not required.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
