6 роки тому · a6e9d27c29
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/ContainerShellWebSocket.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/webapp/ContainerShellWebSocket.java
@@ -28,6 +28,7 @@ import org.apache.hadoop.classification.InterfaceAudience;
 
				 import org.apache.hadoop.classification.InterfaceStability;
			
 
				 import org.apache.hadoop.yarn.api.records.ContainerId;
			
 
				 import org.apache.hadoop.yarn.api.records.ShellContainerCommand;
			
 
				+import org.apache.hadoop.yarn.conf.YarnConfiguration;
			
 
				 import org.apache.hadoop.yarn.server.nodemanager.Context;
			
 
				 import org.apache.hadoop.yarn.server.nodemanager.ContainerExecutor;
			
 
				 import org.apache.hadoop.yarn.server.nodemanager.containermanager.container.Container;
			
@@ -115,6 +116,10 @@ public class ContainerShellWebSocket {
 
				         session.close(1008, "Forbidden");
			
 
				         return;
			
 
				       }
			
 
				+      if (checkInsecureSetup()) {
			
 
				+        session.close(1003, "Nonsecure mode is unsupported.");
			
 
				+        return;
			
 
				+      }
			
 
				       LOG.info(session.getRemoteAddress().getHostString() + " connected!");
			
 
				       LOG.info(
			
 
				           "Making interactive connection to running docker container with ID: "
			
@@ -180,4 +185,14 @@ public class ContainerShellWebSocket {
 
				     }
			
 
				     return authorized;
			
 
				   }
			
 
				+
			
 
				+  private boolean checkInsecureSetup() {
			
 
				+    boolean kerberos = UserGroupInformation.isSecurityEnabled();
			
 
				+    boolean limitUsers = nmContext.getConf()
			
 
				+        .getBoolean(YarnConfiguration.NM_NONSECURE_MODE_LIMIT_USERS, true);
			
 
				+    if (kerberos) {
			
 
				+      return false;
			
 
				+    }
			
 
				+    return limitUsers;
			
 
				+  }
			
 
				 }
			
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/resources/TERMINAL/terminal.template
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/resources/TERMINAL/terminal.template
@@ -104,6 +104,9 @@
 
				             case 1001:
			
 
				               term.write('Remote Connection going away.');
			
 
				               break;
			
 
				+            case 1003:
			
 
				+              term.write('Nonsecure mode is unsupported.');
			
 
				+              break;
			
 
				           }
			
 
				         });
			
 
				         term.open(container);