:
- Policy Admin
- Component plugins
Release 0.5
- Design
- Kafka integration
- Plugable plugin architecture
- Support near real-time query with HDFS auditing records
Thanks
Bosco
On Dec 11, 2014, at 11:03 PM, Don Bosco Durai bo...@apache.org wrote:
Can we look at the format followed
Hi Muthupandi
At an high level, it seems Hive is still using it’s native authorization. Can
you check the Audit in Ranger to see whether Ranger is auditing it?
Thanks
Bosco
On Dec 15, 2014, at 9:19 PM, Muthu Pandi muthu1...@gmail.com wrote:
Hi All
I have configured Ranger on
repository
correctly, after configuring hive repository and its name it use the ranger
authorization.
Great work Guys, Authorization look simple and effective.
Regards
Muthupandi.K
Think before you print.
On Wed, Dec 17, 2014 at 2:43 AM, Don Bosco Durai bo...@apache.org
to provide the Knox Repo creating example. Because
where i dont know what to provide in Knox url
Thanks all
With regards
Amithsha
On Fri, Dec 19, 2014 at 11:22 AM, Don Bosco Durai bo...@apache.org
mailto:bo...@apache.org wrote:
Hi Muthupandi
Glad to know it worked for you. Please continue
Check hdfs dfs -ls $folderName. In the case of HDFS, if Ranger doesn¹t find
any permission in it¹s policy database, then it falls back to HDFS
permission check. So make sure in the HDFS level, you have 700 or even 000
for the given folder and manage all the permissions via Ranger. We recommend
.
Original message
From: Don Bosco Durai bo...@apache.org
Date:29/04/2015 16:39 (GMT+00:00)
To: user@ranger.incubator.apache.org
Cc:
Subject: Re: Deleting users
Dale, do you want to delete some users which you created using the Ranger
UI?
Thanks
Bosco
On 4/29/15, 5:40 AM
.
Still, as I noticed some small mistakes, do you know how I can contribute to
the documentation improvement ?
Thanks for your help,
Loïc
De : Don Bosco Durai [mailto:bdu...@hortonworks.com] De la part de Don Bosco
Durai
Envoyé : mercredi 29 avril 2015 17:45
À : user
Dale,
Log aggregation is the recommended solution for high volume transaction. The
log summary will log only the unique request combination (user, resource,
action, IP,…) with the count for the interval. The interval is by default is
5 seconds, so in Hbase, if each RegionServer is handling 20K
Regarding extending Ranger authorizer classes, you have two options:
1. Use Ranger dynamic policies. This will allow you to write your own java
class and implement custom logic. You can use this in any Ranger permission.
This is been introduced in Apache Ranger 0.5, so there is not much
Prabu
Can you check this JIRA and let us know if it work?
https://issues.apache.org/jira/browse/RANGER-355
Thanks
Bosco
On 5/21/15, 4:57 AM, Prabu Soundar Rajan -X (prabsoun - MINDTREE LIMITED
at Cisco) prabs...@cisco.com wrote:
Hi Team,
We are experiencing the below issue in enabling the
Harish, can you check with version of Hadoop/HDFS is packaged in CDH 5.4?
Ranger 0.5 is compatible in HDFS 2.7.x and for versions before that you need
to use Ranger 0.4.
The install scripts is based on open source Hadoop version and assumes the
paths for configuration and libraries. I am not
- Ranger blog or tutorials
Some of the ranger documentation would be pertinent to the current
release.
On Tue, Jul 28, 2015 at 1:17 PM, Don Bosco Durai bo...@apache.org wrote:
We might need to do some rearrangement of the wiki pages to make it more
scalable. At the high level
Seems our email crossed each other
For Hadoop 2.6 you need to use Ranger 0.4. You can see the installation
document at
https://cwiki.apache.org/confluence/display/RANGER/Ranger+Installation+Guide
. For HDFS authorization you shouldn¹t see much difference between Ranger
0.4 and Ranger 0.5.
On Wed, Jul 29, 2015 at 3:22 PM, Aneela Saleem ane...@platalytics.com
wrote:
How can i see logs for ranger-hdfs plugin ?
Can you please have a look on install.properties file? is it correct?
On Wed, Jul 29, 2015 at 10:57 AM, Don Bosco Durai bo...@apache.org
wrote:
Yes, this issues seems
, using username
And where is xasecure-audit.xml file located?
On Wed, Jul 29, 2015 at 10:36 PM, Don Bosco Durai bo...@apache.org wrote:
Yes, either you have to upgrade Hadoop or use Ranger 0.4
Thanks
Bosco
From: Aneela Saleem ane...@platalytics.com
Reply-To: user
. And the problem was resolved.
Now heading towards LDAP user sync and having some issues. I'll start another
thread for this.
Regards,
Aneela Saleem
On Jul 30, 2015 4:32 AM, Don Bosco Durai bo...@apache.org wrote:
This is good. Are the access audits also showing up now?
Did you do anything
Ranger for HBASE
checkbox was not ticked.
Cheers,
Dale
Sent from my Samsung device
Original message
From: Don Bosco Durai bo...@apache.org
Date: 27/07/2015 17:59 (GMT+00:00)
To: user@ranger.incubator.apache.org
Subject: Re: Unable to start HBase
Dale
Does
-Lenovo-G50-70/192.168.1.4
http://192.168.1.4
/
On Wed, Jul 29, 2015 at 1:53 AM, Aneela Saleem ane...@platalytics.com
wrote:
hduser
On Wed, Jul 29, 2015 at 1:51 AM, Don Bosco Durai bo...@apache.org wrote:
This seems to be one
Repository Thing.
On Tue, Jul 28, 2015 at 5:17 PM, Aneela Saleem ane...@platalytics.com wrote:
Hi Bosco,
I did as you suggested but still getting same error.
On Tue, Jul 28, 2015 at 4:49 AM, Don Bosco Durai bo...@apache.org wrote:
The properties file looks good..
I am not sure whether
i proceed? Do you have any fruitful link, i should follow? (being a
novice)
On Tue, Jul 28, 2015 at 10:04 PM, Don Bosco Durai bo...@apache.org wrote:
Aneela
The document you linked is for Apache Ranger 0.4. There subtle changes in
Apache Ranger 0.5.
Just curious, how you were able
Ranger Admin?
On Tue, Jul 28, 2015 at 10:48 PM, Don Bosco Durai
bo...@apache.orgmailto:bo...@apache.org wrote:
Yes, this is link I was about to redirect you to.
Sorry, I might have assumed incorrectly on your initial question. ./setup.sh is
called only for installing RangerAdmin. Good it seems you
org.apache.hadoop.hdfs.server.namenode.NameNode:
Failed to start namenode.
java.io.IOException: NameNode is not formatted.
On Wed, Jul 29, 2015 at 12:22 AM, Don Bosco Durai bo...@apache.org wrote:
Anything in the namenode log file?
Thanks
Bosco
From: Aneela Saleem ane...@platalytics.com
,org.apache.hadoop.hdfs.web.resources.TokenKindParam,org.apache.hadoop.h
dfs.web.resources.TokenServiceParam) throws
java.io.IOException,java.lang.InterruptedException, with URI template, /, is
treated as a resource method
On Wed, Jul 29, 2015 at 12:50 AM, Don Bosco Durai bo...@apache.org wrote:
I have
so much Bosco. I created JIRA for this. Can be found here
https://issues.apache.org/jira/browse/RANGER-582
Let me try UserSync, then i will approach yyou in case of any problem.
On Tue, Jul 28, 2015 at 11:28 PM, Don Bosco Durai bdu...@hortonworks.com
wrote:
Good. I already typed it, so let
assembly: Error creating
assembly archive src: Problem creating TAR: request to write '8192' bytes
exceeds size in header of '566424' bytes
On Tue, Aug 4, 2015 at 9:12 PM, Don Bosco Durai bo...@apache.org wrote:
I don¹t see anything obviously wrong. Can you try after deleting the folder
again.
Dale, can you please confirm the checkbox is present after adding to the
custom properties. Thanks.
On Wed, Jul 29, 2015 at 12:46 PM, Don Bosco Durai bo...@apache.org wrote:
Dale, can you answer Balaji¹s question? This will help us to understand the
root cause.
Vel/Gautam, any tips
We might need to do some rearrangement of the wiki pages to make it more
scalable. At the high level, this is the principal we originally organized
the wiki pages:
1. Dashboard/Index page as the link to all important pages and links
2. Top level page tree is limited to top level pages (so we can
This seems to be one of the reason HDFS plugin is not enabled. As what user
have you installed Hadoop?
Thanks
Bosco
From: Aneela Saleem ane...@platalytics.com
Reply-To: user@ranger.incubator.apache.org
user@ranger.incubator.apache.org
Date: Tuesday, July 28, 2015 at 1:31 PM
To:
@ranger.incubator.apache.org
Subject: Re: Error Setting up Ranger-Admin
Yes the command is working
On Wed, Jul 29, 2015 at 1:11 AM, Don Bosco Durai bo...@apache.org wrote:
Did the original startup issue get resolved?
Your errors seems to be coming from WebHDFS. Can we check whether “hdfs
Hafiz
After rolling back the change, can you try building this on another
computer? This issue seems to be specific to the environment you are using
to build.
Thanks
Bosco
From: Hafiz Mujadid hafizmujadi...@gmail.com
Reply-To: user@ranger.incubator.apache.org
, August 7, 2015 at 4:34 AM
To: user@ranger.incubator.apache.org user@ranger.incubator.apache.org
Subject: Re: ranger startup exception
solved issue on another machine and rolling back to previous commit
thanks
On Fri, Aug 7, 2015 at 2:41 PM, Don Bosco Durai bo...@apache.org wrote:
Hafiz
then upgraded Ambari to
2.1 which is when HBase failed to run as the Enable Ranger for HBASE
checkbox was not ticked.
Cheers,
Dale
Sent from my Samsung device
Original message
From: Don Bosco Durai bo...@apache.org
Date: 27/07/2015 17:59 (GMT+00:00)
To: user
The properties file looks good..
I am not sure whether it is because of python 2.7. Is it possible for you to
use python 2.6?
Try changing the below to where 2.6 is installed.
PYTHON_COMMAND_INVOKER=python
Thanks
Bosco
From: Aneela Saleem ane...@platalytics.com
Reply-To:
Hive uses the same core-site.xml settings as HDFS. So if the group mapping
work in HDFS, then it should work in Hive also.
And if the user and groups are in linux/unix, then it should have been
support out of the box.
What version of Hive are you using? (It shouldn¹t matter)
Thanks
Bosco
Kashif
I don’t think Ranger currently has support for writing policy update audits to
file. Would you be able to create a JIRA for this? I think, this should be
straight forward to implement. In most Hadoop projects, they use log4j appender
to write to file. We could do the same. Hopefully,
Arvind
Does your env as Kerberos?
Bosco
From: Arvind S
Reply-To:
Date: Monday, November 16, 2015 at 2:34 AM
To:
Subject: Question regarding "ranger policy User" for HDFS hive etc
My setup has
6, 2015 at 8:23 PM
To: <user@ranger.incubator.apache.org>
Subject: Re: Question regarding "ranger policy User" for HDFS hive etc
yes cluster is kerberized..and is already using AD.
Cheers !!
Arvind
On Tue, Nov 17, 2015 at 2:11 AM, Don Bosco Durai <bo...@apache.org> wrote:
t and should not appear in the UI.
Users who really need exceptions can turn it on.
On Thu, Oct 15, 2015 at 11:35 AM, Don Bosco Durai <bo...@apache.org> wrote:
>Allow and Deny in the same policy and deduce that user "Scott" can access the
>resource while anyone else in group &q
d not appear in the UI.
Users who really need exceptions can turn it on.
On Thu, Oct 15, 2015 at 11:35 AM, Don Bosco Durai <bo...@apache.org> wrote:
>Allow and Deny in the same policy and deduce that user "Scott" can access the
>resource while anyone else in group "interns&q
2:39 PM, Don Bosco Durai <bo...@apache.org> wrote:
Aneela,
For Hbase, Ranger follows the same behavior as Hbase. If the user has
permission to the column, the get will return the value and if the user doesn’t
have access to the column, then it won’t return anything.
To test, you can try crea
Based on your other email, it seems you get Hbase plugin installed properly.
Was it just the permission or you had to do anything more?
Thanks
Bosco
From: Don Bosco Durai
Reply-To: <user@ranger.incubator.apache.org>
Date: Sunday, October 11, 2015 at 9:47 PM
To:
by
adding a deny-exclude, as shown below:>>
In the wiki, we have created a "deny" policy for intern group and an exception
for Scott. First of all, why cannot user clearly specific users or groups that
would need specific access. Why is there a need to give access to finance group
as
@Hanish, the documentation is incorrect. We should be using branch ranger-0.5
for Apache Ranger 0.5.
@Dilli, I agree with you. We should standardize the release branch and
subsequent dot (patch) release branches.
Seems 0.5 branch has been free flowing for sometime, can we plan to release
- Villeurbanne
2015-08-26 17:47 GMT+02:00 Don Bosco Durai bo...@apache.org:
Loïc, sorry I am trying to understand the issue here.
n my case, on HBaseMaster and in Ranger database, the group I made policies
for was called sysadmin when on the nodes containing the RegionServers it
was called
Mack, do you unlimited JCE installed on your system for the JDK you are
using?
Thanks
Bosco
From: Mack Hendricks mhendri...@hortonworks.com
Reply-To: user@ranger.incubator.apache.org
user@ranger.incubator.apache.org
Date: Saturday, August 22, 2015 at 2:29 AM
To:
wrote:
>> I guess no JDK changes. And i re-checked certificate infact generated a new
>> one. Still same issue.
>>
>> On Thu, Oct 1, 2015 at 6:16 PM, Dilli Dorai <dilli.do...@gmail.com> wrote:
>>> Aneela,
>>> Please check whether the certificate has
Any other changes you can think of? JDK changes, etcs?
Thanks
Bosco
From: Aneela Saleem
Reply-To:
Date: Wednesday, September 30, 2015 at 9:37 PM
To:
Subject: Re: Issues with usersync (LDAPS
What is happening here? Is the directory getting created?
Thanks
Bosco
From: Hafiz Mujadid
Reply-To:
Date: Sunday, November 29, 2015 at 1:44 PM
To:
Subject: Group level permission are not
3.jar in hbase/lib again. Place
httpcore-4.2.5.jar in ranger-hbase-plugin-impl folder. And now it's also
working.
Bosco! there is no http-core by default in hbase-plugin and http-client in hdfs
plugin. I think it should be there by default.
Thanks
On Sun, Dec 6, 2015 at 11:59 PM, D
Aneela, thanks
Madhan, we should have both the jars in our plugin impl folder and make sure it
works.
Aneela, if you don't mind, can you do one experiment? Can you revert your
change? Have the old httpcore in the hbase lib folder, but add the 4.2.5 in the
ranger-impl folder (check under lib
EDeniedhadoop-acl192.168.23.1051
I want to know why audits are showing that it is because of hadoop-acl not
ranger-acl?
Thanks
On Wed, Dec 2, 2015 at 9:37 AM, Don Bosco Durai <bo...@apache.org> wrote:
You don’t need to. Since auditing is working, you can check who gave the
permission with
Aruna, can you give more detail on what you are trying to achieve?
I was searching for integration design diagram, but couldn’t find one. We will
work on creating one. In the meanwhile, here is the high level.
Ranger plugins run within the component process.
It gives a light java library, which
Also, don’t forget to change your umask to 077 or 007.
This email thread as lot of context:
https://www.mail-archive.com/user@ranger.incubator.apache.org/msg00719.html
Bosco
From: Margus Roo
Reply-To:
Date: Thursday, December 17, 2015 at
Chris
Ranger plugin uses the same user/group made available by the component. So in
your case, Hbase is getting the service user, which I assume is you
“springboot” app user.
You might want to do couple of things:
Check Hbase logs to see if there are any errors (like impersonation not allowed
y is being created.
On Mon, Nov 30, 2015 at 2:47 AM, Don Bosco Durai <bo...@apache.org> wrote:
What is happening here? Is the directory getting created?
Thanks
Bosco
From: Hafiz Mujadid <hafizmujadi...@gmail.com>
Reply-To: <user@ranger.incubator.apache.org>
Date: Sunday, Nov
I think, we need to look into this issue. The trunk should have worked with the
latest Hadoop, unless something changed on Hadoop side.
I don’t have bandwidth this week, can you anyone investigate this?
Hafiz, if you still have the old logs, can you send some lines above the
exception you
The properties seems correct. Best way to test is to :
Check the HDFS logs.
Check Solr from web interface (use the same url you configured)
See if there are any unprocessed files in /var/log/hadoop/hdfs/audit/solr/spool
Bosco
From: Hafiz Mujadid
Reply-To:
nership of all folders in hdfs with hduser:hadoop
but still group level permissions are not working.
my audits are not working, i am trying to figure out the issue with audits. i
will let you know when audits are available.
thanks
On Mon, Nov 30, 2015 at 9:34 AM, Don Bosco Durai <bo...
plugin and Ranger
Admin. Can you please review and update such that they both point to the same
Solr instance?
properties for hdfs plugin:
XAAUDIT.SOLR.URL=http://192.168.23.105:6083/solr/ranger_audits
properties in ranger-admin:
audit_solr_urls=http://122.129.79.70:6083/solr/ranger_audits
Madhan
Hi Shashi
Did you get any answers for this question? It seems you don’t have
authorization to create the key. Did you give permission from Ranger Admin?
Bosco
From: Shashi Vishwakarma
Reply-To:
Date: Wednesday, June 1, 2016 at
Report: www.lloydsbankinggroup-cr.com/downloads
From: Don Bosco Durai [mailto:bo...@apache.org]
Sent: 22 June 2016 08:03
To: user@ranger.incubator.apache.org
Subject: Re: Existing Solr Cloud + Ranger Audit
-- This email has reached the Bank via an external source --
Yes, you could.
Yes, you could.
https://cwiki.apache.org/confluence/display/RANGER/Install+and+Configure+Solr+for+Ranger+Audits+-+Apache+Ranger+0.5#InstallandConfigureSolrforRangerAudits-ApacheRanger0.5-SelfInstall
Bosco
From: "Ellis, Tom (Financial Markets IT)"
Reply-To:
[/]
from Hadoop environment
Yes sure, how do I do that without a log in?
From: Don Bosco Durai [mailto:bo...@apache.org]
Sent: 16 June 2016 19:29
To: user@ranger.incubator.apache.org
Subject: Re: HDFS Plugin - Unable to get listing of files for directory [/]
from Hadoop environment
Yes, you need to need delete rows from this table. The recommendation is to
create partitions in database, so it is easy to drop the partition. If you are
going to run “DELETE” syntax, you have to be careful of redo logs in the
database.
The recommendation is to use SolrCloud, because it has
Ideally, we should only permit minimal permission to ambari-qa for service
check. E.g. We should create a topic just for service check and give permission
to ambari-qa only to that topic. We should do the same for all the services.
Lune, one workaround for you now is to see which topic or calls
currently the stand by node?
Thanks Velmurugan & Bosco.
From: Don Bosco Durai [mailto:bo...@apache.org]
Sent: 16 June 2016 08:16
To: user@ranger.incubator.apache.org
Subject: Re: HDFS Plugin - Unable to get listing of files for directory [/]
from Hadoop environment
Sorry
Just curious, since plugins are initiating the request, do you need anything on
the admin side?
Thanks
Bosco
From: Lune Silver
Reply-To:
Date: Friday, June 24, 2016 at 10:45 AM
To:
Subject:
2016 at 10:51 AM
To: <user@ranger.incubator.apache.org>
Subject: Re: Custom truststore for ranger admin
Yeah when ssl is set to "want", you need to get the certificate of the plugin
and to add it to the truststore of the admin.
Le 24 juin 2016 19:47, "Don Bosco Durai"
user.hive.groups to
'*'. We are trying to find a cleaner solution and to understand why that has
changed.
Anyway, sorry for having posted on the Ranger mailing list a non-Ranger issue.
And thanks for your help.
Julien
2016-01-08 21:50 GMT+01:00 Don Bosco Durai <bo...@apache.org>:
Julien
Sorry to hijack the thread…
Since it is common practice and sometimes required to have the HDFS properties
be available on each node. Should we consider just loading the HDFS related
properties directly from the HDFS properties file? In this way, we only need to
provide to take the path to the
Also, if I am not wrong, they have different set of properties.
Thanks
Bosco
From: Velmurugan Periasamy
Reply-To:
Date: Thursday, April 21, 2016 at 9:25 AM
To: "user@ranger.incubator.apache.org"
I think Ramesh added this feature. Ramesh is it documented anywhere?
Thanks
Bosco
From: Lune Silver
Reply-To:
Date: Thursday, April 21, 2016 at 2:48 AM
To:
Subject: Re: About the size of
bator.apache.org" <user@ranger.incubator.apache.org>
Subject: Re: Loading config error
That is correct. Kafka 0.9.0.1
Lawrence Weikum | Software Engineer | Pandora
1426 Pearl Street, Suite 100, Boulder CO 80302
m 720.203.1578 | lwei...@pandora.com
From: Don Bosco Durai
There is an implicit check done by HiveServer2 to make sure the user has access
to the external files. You are correct, at the HDFS level, each file permission
is individually checked.
What sort of error are you getting in hive log file? And is there any error on
the HDFS side?
Thanks
Bosco
Lawerence, also are you using Ambari or manual install?
Thanks
Bosco
From: Ramesh Mani
Reply-To:
Date: Friday, May 6, 2016 at 2:04 PM
To: "user@ranger.incubator.apache.org"
Subject: Re: Loading
Native dashboard features like faceting, etc.
Easy to write your own custom application on top of it
Apache open source
In other words, Solr is a great product on its own :-)
Thanks
Bosco
From: Rehan Ahmed Ch <chre...@gmail.com>
Date: Monday, April 11, 2016 at 2:10 AM
To: Don Bosco Dur
Ravi, you can also look into this blog from Balaji.
https://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/
Bosco
From: ravi teja
Reply-To:
Date: Tuesday, August 2, 2016 at 11:30 PM
To:
I don’t have the full context, but there are few things you can look into:
1. The user should be full Kerberos principal and not just “admin”
2. If you are using Kebereros and Sun JDK, then you need to additional
JCE unlimited strength package. But if Kerberos is already working
work either.
On Sat, Aug 13, 2016 at 8:12 AM, Don Bosco Durai <bo...@apache.org> wrote:
I don’t have the full context, but there are few things you can look into:
1. The user should be full Kerberos principal and not just “admin”
2. If you are using Kebereros and Sun JDK
ject where I
had an error in the JSON payload. I listed the requests that I still have
problems with, namely,
Get service definition by name
Update policy by service-name and policy-name
Delete policy by service-name and policy-name
Search policies in a service
I forgot to mentio
Aaron, are you still having this issues? Your previous mail said that you found
errors in the log file.
Thanks
Bosco
From: "Stromas, Aaron"
Reply-To:
Date: Tuesday, July 19, 2016 at 1:17 PM
To:
Aneela,
Also see, if the Docker based build works for you? I have attached the script
to the JIRA.
https://issues.apache.org/jira/browse/RANGER-1137
#This script creates the Docker image (if not already created) and runs maven
in the container
#1. Install Docker
#2. Checkout Ranger
Team
The HAWQ community is working on integrating Ranger as one of their
authorization provider. The HAWQ JIRA
https://issues.apache.org/jira/browse/HAWQ-256 has the high level design
document and also there is a long discussion around the topic.
Since HAWQ is written in C/C++, the plan is to
I don’t know whether these are explicitly documented. You can see the details
in the service definition for each of the components supports natively. All the
service definitions are in this location
agents-common/src/main/resources/service-defs. They are pretty simple and
straight forward.
sten
Pfläging, Jörg Staff
Vorsitzender des Aufsichtsrats: Jürgen Brinkmann
Don Bosco Durai ---06.09.2016 18:41:06---Hi Loïc
Von: Don Bosco Durai <bo...@apache.org>
An: <user@ranger.incubator.apache.org>
Datum: 06.09.2016 18:41
Betreff: Re: User running job in forbidden queue
Hi Loïc
J
,
Loïc
Loïc CHANEL
System Big Data engineer
MS - WASABI - Worldline (Villeurbanne, France)
2016-09-06 18:40 GMT+02:00 Don Bosco Durai <bo...@apache.org>:
Hi Loïc
Just curious, was the audit log helpful? I understand, this could be
frustrating, so during the last couple of rel
Lune
The version before Ranger 0.6 might not work well with authentication. Even
though, it might have been easy for us to support basic or digest auth, but I
think, we missed it.
The background is, Solr 5.2 introduced support for Kerberos and Solr 5.3
started natively supporting Basic
Benjamin, thanks for letting us know. It is always difficult to diagnosis
Kerberos related issues. Glad you were able to resolve it quickly.
Regards
Bosco
From: Benjamin Ross
Reply-To:
Date: Friday, August 26, 2016 at
[Copied user and dev group]
Hello
I personally have not tested with Solr’s basic auth. All my testing was with
Kerberos.
Which Ranger version are you using? Looking at the line numbers, it doesn’t
seem to be Ranger 0.6
Bosco
From: "方久鑫 (fangheart)"
Hi Ben
> Alternatively, is there any way to add the user DOMAIN\build to ranger?
Ranger uses the same username that is used by HDFS. And that will depend on how
your core-site.xml is configured or how the users are materialized on the linux
boxes. You can check the Ranger Audits to see what
Da
Madhan is the original author for the audit framework in Ranger 0.4 release.
One quick feedback is, if you are using HDP, which in turn uses Ambari, then
any manual configuration you might do will be overwritten.
The best way to debug log4j related issues, is to create a file appender
Aneela, Benjamin is correct. Hadoop supports pluggable KMS. Apache Ranger
extends the Hadoop KMS, so you should be able to just plugin easily later.
Just FYI, Ranger KMS stores the keys in database and optionally HSM. It also
uses Ranger Plugin for authorization and audit.
In addition
Is this for Ranger or Hive?
Bosco
From: Anandha L Ranganathan
Reply-To:
Date: Thursday, January 5, 2017 at 12:16 PM
To:
Subject: Re: Unable to connect to S3 after enabling Ranger with Hive
it?
Thanks
Bosco
From: fangheart <fanghe...@fangheart.win>
Date: Wednesday, December 28, 2016 at 4:38 PM
To: Don Bosco Durai <bo...@apache.org>
Subject: Re: ranger solr-plugin
Thank you very much for your reply.if you can support the kerberoes for
ranger admin,i
I feel we should have a matrix for the component versions supported by each
Ranger release. Having it on the main page will be good.
https://cwiki.apache.org/confluence/display/RANGER/Index
One more thing I noticed is that the Installation and User guide is still
pointing to release 0.5.
Also, Anandha, were you able to create any other user in your database? If so,
what was the syntax and DB user you used?
Thanks
Bosco
From: Pradeep Agrawal
Reply-To:
Date: Tuesday, January 3, 2017 at 7:27 PM
Thanks.
On Wed, Jan 4, 2017 at 12:47 AM, Don Bosco Durai <bo...@apache.org> wrote:
Gautam, this is mostly how to setup Apache Ranger to run in Kerberos mode. I
know, when installed via Ambari, we create the Ranger Admin and Lookup user
keytabs and appropriate properties are automati
if any changes were done to the setup script for Solr
plugin support. The script is generic for all components.
On Mon, Jan 2, 2017 at 11:15 PM, Don Bosco Durai <bo...@apache.org> wrote:
The latest release supports Kerberos. However, the setup is done via Apache
Ambari. I am not sure wh
if you need help on setting up Kerberos for Ranger Admin.
Bosco
From: "方久鑫 (fangheart)" <fanghe...@fangheart.win>
Date: Friday, October 28, 2016 at 1:20 AM
To: Don Bosco Durai <bo...@apache.org>
Subject: Re: Re: ranger solr-plugin
my version is 0.6. And now
We should be able to do this.
Vel, can we can make this part of our post-release checklist?
https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=65867946
Thanks
Bosco
From: Lars Francke
Reply-To:
Date:
100 matches
Mail list logo