AMBARI-6611. container-executor.cfg.j2 contains hardcoded min.user.id=1000 (aonishuk)

ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java

@@ -751,6 +751,10 @@ public class UpgradeCatalog170 extends AbstractUpgradeCatalog {
     updateConfigurationProperties("hbase-env",
         Collections.singletonMap("hbase_regionserver_xmn_ratio", "0.2"), false,
         false);
+    
+    updateConfigurationProperties("yarn-env",
+        Collections.singletonMap("min_user_id", "1000"), false,
+        false);
   }
 
   protected void addEnvContentFields() throws AmbariException {

ambari-server/src/main/resources/stacks/HDP/2.0.6/services/YARN/configuration/yarn-env.xml

@@ -51,7 +51,12 @@
     <value>1024</value>
     <description>Max heapsize for NodeManager using a numerical value in the scale of MB</description>
   </property>
-  
+  <property>
+    <name>min_user_id</name>
+    <value>1000</value>
+    <description>Set to 0 to disallow root from submitting jobs. Set to 1000 to disallow all superusers from submitting jobs</description>
+  </property>  
+
   <!-- yarn-env.sh -->
   <property>
     <name>content</name>

ambari-server/src/main/resources/stacks/HDP/2.0.6/services/YARN/package/scripts/params.py

@@ -144,4 +144,5 @@ mapred_tt_group = default("/configurations/mapred-site/mapreduce.tasktracker.gro
 
 mapred_local_dir = "/tmp/hadoop-mapred/mapred/local"
 hdfs_log_dir_prefix = config['configurations']['hadoop-env']['hdfs_log_dir_prefix']
+min_user_id = config['configurations']['yarn-env']['min_user_id']
 

ambari-server/src/main/resources/stacks/HDP/2.0.6/services/YARN/package/templates/container-executor.cfg.j2

@@ -37,4 +37,4 @@ yarn.nodemanager.local-dirs={{nm_local_dirs}}
 yarn.nodemanager.log-dirs={{nm_log_dirs}}
 yarn.nodemanager.linux-container-executor.group={{yarn_executor_container_group}}
 banned.users=hdfs,yarn,mapred,bin
-min.user.id=1000
+min.user.id={{min_user_id}}

ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog170Test.java

@@ -278,6 +278,10 @@ public class UpgradeCatalog170Test {
     upgradeCatalog.updateConfigurationProperties("hbase-env",
         Collections.singletonMap("hbase_regionserver_xmn_ratio", "0.2"), false, false);
     expectLastCall();
+    
+    upgradeCatalog.updateConfigurationProperties("yarn-env",
+        Collections.singletonMap("min_user_id", "1000"), false, false);
+    expectLastCall();
 
     expect(entityManager.getTransaction()).andReturn(trans).anyTimes();
     expect(entityManager.getCriteriaBuilder()).andReturn(cb).anyTimes();

ambari-server/src/test/python/stacks/2.0.6/configs/default.hbasedecom.json

@@ -421,7 +421,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "hadoop-env": {
             "security_enabled": "false", 

ambari-server/src/test/python/stacks/2.0.6/configs/default.json

@@ -421,7 +421,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "hadoop-env": {
             "security_enabled": "false", 

ambari-server/src/test/python/stacks/2.0.6/configs/default.non_gmetad_host.json

@@ -415,7 +415,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "hadoop-env": {
             "security_enabled": "false", 

ambari-server/src/test/python/stacks/2.0.6/configs/ha_default.json

@@ -363,7 +363,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "hadoop-env": {
             "security_enabled": "false", 

ambari-server/src/test/python/stacks/2.0.6/configs/ha_secured.json

@@ -342,7 +342,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000" 
         }, 
         "hadoop-env": {
             "security_enabled": "false", 

ambari-server/src/test/python/stacks/2.0.6/configs/rebalancehdfs_default.json

@@ -219,7 +219,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "yarn-log4j": {
             "content": ""

ambari-server/src/test/python/stacks/2.0.6/configs/secured.json

@@ -464,7 +464,8 @@
             "yarn_heapsize": "1024", 
             "yarn_user": "yarn", 
             "resourcemanager_heapsize": "1024", 
-            "yarn_log_dir_prefix": "/var/log/hadoop-yarn"
+            "yarn_log_dir_prefix": "/var/log/hadoop-yarn",
+            "min_user_id": "1000"
         }, 
         "hadoop-env": {
             "security_enabled": "true", 

ambari-web/app/data/HDP2/site_properties.js

@@ -1964,6 +1964,17 @@ module.exports =
       "filename": "yarn-env.xml",
       "category": "Advanced yarn-env"
     },
+    {
+      "id": "puppet var",
+      "name": "min_user_id",
+      "displayName": "Minimum user ID for submitting job",
+      "isOverridable": true,
+      "displayType": "int",
+      "isVisible": true,
+      "serviceName": "YARN",
+      "filename": "yarn-env.xml",
+      "category": "Advanced"
+    },
     {
       "id": "puppet var",
       "name": "yarn_pid_dir_prefix",