YARN-11545. Fixed FS2CS ACL conversion when all users are allowed. (#5910)

2023-08-03 16:29:41 +02:00 · 2023-08-03 16:29:41 +02:00 · 6e6349c793
commit 6e6349c793
parent 04c34a2171
3 changed files with 6 additions and 6 deletions
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/fair/converter/FSConfigToCSConfigConverter.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/fair/converter/FSConfigToCSConfigConverter.java
@ -432,13 +432,13 @@ private void generateQueueAcl(String queue,
    AccessControlList adminAcls = access.get(AccessType.ADMINISTER_QUEUE);

    if (!submitAcls.getGroups().isEmpty() ||
-        !submitAcls.getUsers().isEmpty()) {
+        !submitAcls.getUsers().isEmpty() || submitAcls.isAllAllowed()) {
      capacitySchedulerConfig.set(PREFIX + queue + ".acl_submit_applications",
          submitAcls.getAclString());
    }

    if (!adminAcls.getGroups().isEmpty() ||
-        !adminAcls.getUsers().isEmpty()) {
+        !adminAcls.getUsers().isEmpty() || adminAcls.isAllAllowed()) {
      capacitySchedulerConfig.set(PREFIX + queue + ".acl_administer_queue",
          adminAcls.getAclString());
    }
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/fair/converter/TestFSConfigToCSConfigConverter.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/java/org/apache/hadoop/yarn/server/resourcemanager/scheduler/fair/converter/TestFSConfigToCSConfigConverter.java
@ -263,9 +263,9 @@ public void testConvertACLs() throws Exception {
        conf.get(PREFIX + "root.admins.alice.acl_administer_queue"));

    // root.users.john
-    assertEquals("root.users.john submit ACL", "john ",
+    assertEquals("root.users.john submit ACL", "*",
        conf.get(PREFIX + "root.users.john.acl_submit_applications"));
-    assertEquals("root.users.john admin ACL", "john ",
+    assertEquals("root.users.john admin ACL", "*",
        conf.get(PREFIX + "root.users.john.acl_administer_queue"));

    // root.users.joe
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/resources/fair-scheduler-conversion.xml
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/test/resources/fair-scheduler-conversion.xml
@ -33,8 +33,8 @@
                <weight>1.0</weight>
                <minResources>memory-mb=4096, vcores=1</minResources>
                <schedulingPolicy>drf</schedulingPolicy>
-                <aclSubmitApps>john </aclSubmitApps>
-                <aclAdministerApps>john </aclAdministerApps>
+                <aclSubmitApps>*</aclSubmitApps>
+                <aclAdministerApps>*</aclAdministerApps>
                <maxContainerAllocation>vcores=2,memory-mb=8192</maxContainerAllocation>
            </queue>
            <queue name="joe">