Strona główna Odkrywaj Pomoc
Zaloguj się
apache
/
hadoop
kopia lustrzana https://github.com/apache/hadoop.git
2
0
Forkuj 1
Pliki Problemy 0 Wiki
Drzewo: d75c1dd9cd
Gałęzie Tagi
hadoop
/
hadoop-common-project
/
hadoop-common
/
src
/
main
/
packages
/
templates
/
conf
/
hadoop-policy.xml

hadoop-policy.xml 9.9 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 
  1. <?xml version="1.0"?>
    2. 

  2. <?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
    3. 

  3. <!--
    4. 

  4.   Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5.   you may not use this file except in compliance with the License.
    6. 

  6.   You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10.   Unless required by applicable law or agreed to in writing, software
    11. 

  11.   distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.   See the License for the specific language governing permissions and
    14. 

  14.   limitations under the License. See accompanying LICENSE file.
    15. 

  15. -->
    16. 

  16. 

  17. <!-- Put site-specific property overrides in this file. -->
    18. 

  18. 

  19. <configuration>
    20. 

  20.   <property>
    21. 

  21.     <name>security.client.protocol.acl</name>
    22. 

  22.     <value>*</value>
    23. 

  23.     <description>ACL for ClientProtocol, which is used by user code
    24. 

  24.     via the DistributedFileSystem.
    25. 

  25.     The ACL is a comma-separated list of user and group names. The user and
    26. 

  26.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    27. 

  27.     A special value of "*" means all users are allowed.</description>
    28. 

  28.   </property>
    29. 

  29. 

  30.   <property>
    31. 

  31.     <name>security.client.datanode.protocol.acl</name>
    32. 

  32.     <value>*</value>
    33. 

  33.     <description>ACL for ClientDatanodeProtocol, the client-to-datanode protocol
    34. 

  34.     for block recovery.
    35. 

  35.     The ACL is a comma-separated list of user and group names. The user and
    36. 

  36.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    37. 

  37.     A special value of "*" means all users are allowed.</description>
    38. 

  38.   </property>
    39. 

  39. 

  40.   <property>
    41. 

  41.     <name>security.datanode.protocol.acl</name>
    42. 

  42.     <value>*</value>
    43. 

  43.     <description>ACL for DatanodeProtocol, which is used by datanodes to
    44. 

  44.     communicate with the namenode.
    45. 

  45.     The ACL is a comma-separated list of user and group names. The user and
    46. 

  46.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    47. 

  47.     A special value of "*" means all users are allowed.</description>
    48. 

  48.   </property>
    49. 

  49. 

  50.   <property>
    51. 

  51.     <name>security.inter.datanode.protocol.acl</name>
    52. 

  52.     <value>*</value>
    53. 

  53.     <description>ACL for InterDatanodeProtocol, the inter-datanode protocol
    54. 

  54.     for updating generation timestamp.
    55. 

  55.     The ACL is a comma-separated list of user and group names. The user and
    56. 

  56.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    57. 

  57.     A special value of "*" means all users are allowed.</description>
    58. 

  58.   </property>
    59. 

  59. 

  60.   <property>
    61. 

  61.     <name>security.namenode.protocol.acl</name>
    62. 

  62.     <value>*</value>
    63. 

  63.     <description>ACL for NamenodeProtocol, the protocol used by the secondary
    64. 

  64.     namenode to communicate with the namenode.
    65. 

  65.     The ACL is a comma-separated list of user and group names. The user and
    66. 

  66.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    67. 

  67.     A special value of "*" means all users are allowed.</description>
    68. 

  68.   </property>
    69. 

  69. 

  70.   <property>
    71. 

  71.     <name>security.inter.tracker.protocol.acl</name>
    72. 

  72.     <value>*</value>
    73. 

  73.     <description>ACL for InterTrackerProtocol, used by the tasktrackers to
    74. 

  74.     communicate with the jobtracker.
    75. 

  75.     The ACL is a comma-separated list of user and group names. The user and
    76. 

  76.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    77. 

  77.     A special value of "*" means all users are allowed.</description>
    78. 

  78.   </property>
    79. 

  79. 

  80.  
    81. 

  81.   <property>
    82. 

  82.     <name>security.job.submission.protocol.acl</name>
    83. 

  83.     <value>*</value>
    84. 

  84.     <description>ACL for JobSubmissionProtocol, used by job clients to
    85. 

  85.     communciate with the jobtracker for job submission, querying job status etc.
    86. 

  86.     The ACL is a comma-separated list of user and group names. The user and
    87. 

  87.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    88. 

  88.     A special value of "*" means all users are allowed.</description>
    89. 

  89.   </property>
    90. 

  90. 

  91.   <property>
    92. 

  92.     <name>security.task.umbilical.protocol.acl</name>
    93. 

  93.     <value>*</value>
    94. 

  94.     <description>ACL for TaskUmbilicalProtocol, used by the map and reduce
    95. 

  95.     tasks to communicate with the parent tasktracker.
    96. 

  96.     The ACL is a comma-separated list of user and group names. The user and
    97. 

  97.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    98. 

  98.     A special value of "*" means all users are allowed.</description>
    99. 

  99.   </property>
    100. 

  100. 

  101.  <property>
    102. 

  102.     <name>security.admin.operations.protocol.acl</name>
    103. 

  103.     <value>${HADOOP_HDFS_USER}</value>
    104. 

  104.     <description>ACL for AdminOperationsProtocol. Used for admin commands.
    105. 

  105.     The ACL is a comma-separated list of user and group names. The user and
    106. 

  106.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    107. 

  107.     A special value of "*" means all users are allowed.</description>
    108. 

  108.   </property>
    109. 

  109. 

  110.   <property>
    111. 

  111.     <name>security.refresh.usertogroups.mappings.protocol.acl</name>
    112. 

  112.     <value>${HADOOP_HDFS_USER}</value>
    113. 

  113.     <description>ACL for RefreshUserMappingsProtocol. Used to refresh
    114. 

  114.     users mappings. The ACL is a comma-separated list of user and
    115. 

  115.     group names. The user and group list is separated by a blank. For
    116. 

  116.     e.g. "alice,bob users,wheel".  A special value of "*" means all
    117. 

  117.     users are allowed.</description>
    118. 

  118.   </property>
    119. 

  119. 

  120.   <property>
    121. 

  121.     <name>security.refresh.policy.protocol.acl</name>
    122. 

  122.     <value>${HADOOP_HDFS_USER}</value>
    123. 

  123.     <description>ACL for RefreshAuthorizationPolicyProtocol, used by the
    124. 

  124.     dfsadmin and mradmin commands to refresh the security policy in-effect.
    125. 

  125.     The ACL is a comma-separated list of user and group names. The user and
    126. 

  126.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    127. 

  127.     A special value of "*" means all users are allowed.</description>
    128. 

  128.   </property>
    129. 

  129. 

  130. 

  131.   <!-- YARN Protocols -->
    132. 

  132. 

  133.   <property>
    134. 

  134.     <name>security.resourcetracker.protocol.acl</name>
    135. 

  135.     <value>${HADOOP_YARN_USER}</value>
    136. 

  136.     <description>ACL for ResourceTracker protocol, used by the
    137. 

  137.     ResourceManager and NodeManager to communicate with each other.
    138. 

  138.     The ACL is a comma-separated list of user and group names. The user and
    139. 

  139.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    140. 

  140.     A special value of "*" means all users are allowed.</description>
    141. 

  141.   </property>
    142. 

  142. 

  143.   <property>
    144. 

  144.     <name>security.admin.protocol.acl</name>
    145. 

  145.     <value>${HADOOP_YARN_USER}</value>
    146. 

  146.     <description>ACL for RMAdminProtocol, for admin commands. 
    147. 

  147.     The ACL is a comma-separated list of user and group names. The user and
    148. 

  148.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    149. 

  149.     A special value of "*" means all users are allowed.</description>
    150. 

  150.   </property>
    151. 

  151. 

  152.   <property>
    153. 

  153.     <name>security.client.resourcemanager.protocol.acl</name>
    154. 

  154.     <value>*</value>
    155. 

  155.     <description>ACL for ClientRMProtocol, used by the ResourceManager 
    156. 

  156.     and applications submission clients to communicate with each other.
    157. 

  157.     The ACL is a comma-separated list of user and group names. The user and
    158. 

  158.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    159. 

  159.     A special value of "*" means all users are allowed.</description>
    160. 

  160.   </property>
    161. 

  161. 

  162.   <property>
    163. 

  163.     <name>security.applicationmaster.resourcemanager.protocol.acl</name>
    164. 

  164.     <value>*</value>
    165. 

  165.     <description>ACL for AMRMProtocol, used by the ResourceManager 
    166. 

  166.     and ApplicationMasters to communicate with each other.
    167. 

  167.     The ACL is a comma-separated list of user and group names. The user and
    168. 

  168.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    169. 

  169.     A special value of "*" means all users are allowed.</description>
    170. 

  170.   </property>
    171. 

  171. 

  172.   <property>
    173. 

  173.     <name>security.containermanager.protocol.acl</name>
    174. 

  174.     <value>*</value>
    175. 

  175.     <description>ACL for ContainerManager protocol, used by the NodeManager 
    176. 

  176.     and ApplicationMasters to communicate with each other.
    177. 

  177.     The ACL is a comma-separated list of user and group names. The user and
    178. 

  178.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    179. 

  179.     A special value of "*" means all users are allowed.</description>
    180. 

  180.   </property>
    181. 

  181. 

  182.   <property>
    183. 

  183.     <name>security.resourcelocalizer.protocol.acl</name>
    184. 

  184.     <value>*</value>
    185. 

  185.     <description>ACL for ResourceLocalizer protocol, used by the NodeManager 
    186. 

  186.     and ResourceLocalizer to communicate with each other.
    187. 

  187.     The ACL is a comma-separated list of user and group names. The user and
    188. 

  188.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    189. 

  189.     A special value of "*" means all users are allowed.</description>
    190. 

  190.   </property>
    191. 

  191. 

  192.   <property>
    193. 

  193.     <name>security.job.task.protocol.acl</name>
    194. 

  194.     <value>*</value>
    195. 

  195.     <description>ACL for TaskUmbilicalProtocol, used by the map and reduce
    196. 

  196.     tasks to communicate with the parent tasktracker.
    197. 

  197.     The ACL is a comma-separated list of user and group names. The user and
    198. 

  198.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    199. 

  199.     A special value of "*" means all users are allowed.</description>
    200. 

  200.   </property>
    201. 

  201. 

  202.   <property>
    203. 

  203.     <name>security.job.client.protocol.acl</name>
    204. 

  204.     <value>*</value>
    205. 

  205.     <description>ACL for MRClientProtocol, used by job clients to
    206. 

  206.     communciate with the MR ApplicationMaster to query job status etc. 
    207. 

  207.     The ACL is a comma-separated list of user and group names. The user and
    208. 

  208.     group list is separated by a blank. For e.g. "alice,bob users,wheel".
    209. 

  209.     A special value of "*" means all users are allowed.</description>
    210. 

  210.   </property>
    211. 

  211.   
    212. 

  212.   <property>
    213. 

  213.     <name>security.ha.service.protocol.acl</name>
    214. 

  214.     <value>*</value>
    215. 

  215.     <description>ACL for HAService protocol used by HAAdmin to manage the
    216. 

  216.       active and stand-by states of namenode.</description>
    217. 

  217.   </property>
    218. 

  218.   <property>
    219. 

  219.     <name>security.zkfc.protocol.acl</name>
    220. 

  220.     <value>*</value>
    221. 

  221.     <description>ACL for access to the ZK Failover Controller
    222. 

  222.     </description>
    223. 

  223.   </property>
    224. 

  224. 

  225.    <property>
    226. 

  226.       <name>security.mrhs.client.protocol.acl</name>
    227. 

  227.       <value>*</value>
    228. 

  228.       <description>ACL for HSClientProtocol, used by job clients to
    229. 

  229.        communciate with the MR History Server job status etc. 
    230. 

  230.        The ACL is a comma-separated list of user and group names. The user and
    231. 

  231.        group list is separated by a blank. For e.g. "alice,bob users,wheel".
    232. 

  232.        A special value of "*" means all users are allowed.</description>
    233. 

  233.     </property>
    234. 

  234. 

  235. </configuration>
    236.