[
https://issues.apache.org/jira/browse/METRON-796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15940802#comment-15940802
]
ASF GitHub Bot commented on METRON-796:
---------------------------------------
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/488#discussion_r107961358
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/params/params_linux.py
---
@@ -39,7 +39,7 @@
tmp_dir = Script.get_tmp_dir()
hostname = config['hostname']
-metron_group = config['configurations']['cluster-env']['metron_group']
+hadoop_group = config['configurations']['cluster-env']['user_group']
--- End diff --
I'll go ahead and move the config.
On the group issue, that is the group named 'hadoop'. The cluster level
config is named 'user_group', I have absolutely no idea why. I only called it
'hadoop_group' here, so it was more obvious it shouldn't be killed in the
future. If there are objections to calling it 'hadoop_group', I could also
carry it through as user_group and add a comment about the meaning in the
params file.
For example, in HDP stack
https://github.com/apache/ambari/blob/trunk/ambari-server/src/main/resources/stacks/HDP/2.0.6/configuration/cluster-env.xml#L158
```
<name>user_group</name>
<display-name>Hadoop Group</display-name>
<value>hadoop</value>
<property-type>GROUP</property-type>
<description>Hadoop user group.</description>
```
This declaration carried through a couple other stack definitions that I
looked at.
The use of this group also seems fairly common, e.g. in
https://github.com/apache/ambari/blob/trunk/ambari-server/src/main/resources/common-services/HDFS/2.1.0.2.0/package/scripts/hdfs.py#L60
```
if "hadoop-policy" in params.config['configurations']:
XmlConfig("hadoop-policy.xml",
conf_dir=params.hadoop_conf_dir,
configurations=params.config['configurations']['hadoop-policy'],
configuration_attributes=params.config['configuration_attributes']['hadoop-policy'],
owner=params.hdfs_user,
group=params.user_group
)
```
> Mpack uses wrong group for owning HDFS directories
> --------------------------------------------------
>
> Key: METRON-796
> URL: https://issues.apache.org/jira/browse/METRON-796
> Project: Metron
> Issue Type: Bug
> Reporter: Justin Leet
> Assignee: Justin Leet
>
> org.apache.hadoop.security.AccessControlException: Permission denied:
> user=storm, access=WRITE,
> inode="/apps/metron/indexing/indexed/snort/enrichment-null-0-0-1490305873514.json":metron:metron:drwxrwx
> The group got changed a bit ago from cluster_env.user_group (hadoop) to
> cluster_env.metron_group (metron). However, because everything right now
> runs as the storm user (which is in the hadoop group), it doesn't have perms
> to write anymore.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
