On 21 July 2017 at 04:04, Erik Krogen <[email protected]> wrote: > Hi Kevin, > > Since you are using the "jhs" keytab with principal "jhs/[email protected]", > the JHS is authenticating itself as the jhs user (which is the actual > important part, rather than the user the process is running as). If you want > it to be the "mapred" user, you should change the keytab/principal you use > (mapred.jobhistory.{principal,keytab}).
I'll certainly give that a go Erik, however, the way I read the >> The hadoop-2.8.0 docs SecureMode page also suggests that one would need to >> play around with the >> >> hadoop.security.auth_to_local bits suggested to me that if you set things up such that ======= $ hadoop org.apache.hadoop.security.HadoopKerberosName jhs/[email protected] 17/07/20 17:42:50 INFO util.KerberosName: Non-simple name mapred/[email protected] after auth_to_local rule RULE:[2:$1/$2@$0](jhs/.*)s/jhs/mapred/ Name: jhs/[email protected] to mapred/[email protected] ==== (or even used a rule that just mapped the principal to a simple "mapred" because I tried that too !) told you it was remapping the user, then it would remap for all instances of the user, within the Hadoop instance.. Let's see. Cheers again for the feedback. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
