Re: HDFS-plugin does nothing

Thu, 17 Dec 2015 11:34:11 -0800 

Also, don’t forget to change your umask to 077 or 007.

This email thread as lot of context: 
https://www.mail-archive.com/[email protected]/msg00719.html

Bosco


From:  Margus Roo <[email protected]>
Reply-To:  <[email protected]>
Date:  Thursday, December 17, 2015 at 5:12 AM
To:  <[email protected]>
Subject:  Re: HDFS-plugin does nothing

    
 Tnx - clear 
 
Margus (margusja) Roo
http://margus.roo.ee
skype: margusja
+372 51 48 780
 
On 17/12/15 15:07, Selvamohan Neethiraj wrote:
 
 
  
Please do NOT change permission to 000 for all files. You should do it only to 
your own application folders and/or well-known folders.
 

 
 
Thanks,
 
Selva-
 

 
 
 
 
 
On Dec 17, 2015, at 7:56 AM, Margus Roo <[email protected]> wrote:
 
 
 
Found solution. Basically helped hdfs dfs -chmod -R 000 /user/margusja and now 
Ranger took over.
 So how to disable Hadoop HDFS built in authorization? Or I have to chmod -R 
000 / ?
 
 
Margus (margusja) Roo
http://margus.roo.ee
skype: margusja
+372 51 48 780
 
On 17/12/15 14:30, Margus Roo wrote:
 
 
Hi thanks for answer.
 
 At the moment margusja is in group margusja
 
 [margusja@hadoopnn2 ~]$ id margusja
 uid=1016(margusja) gid=1016(margusja) groups=1016(margusja)
 
 
Margus (margusja) Roo
http://margus.roo.ee
skype: margusja
+372 51 48 780
 
On 17/12/15 14:25, lukas nalezenec wrote:
 
 
 
 
Hi,
 
I solved this problem last week. I am also using SIMPLE auth. 
 
If you are solving the same problem then after removing user margusja from 
group hdfs it should work.
 

 
 
Lukas
 
 

 
2015-12-17 13:20 GMT+01:00 Margus Roo  <[email protected]>:
 
 Hi
 
 I am new Ranger user and perhaps I did something wrong.
 
 Installed Ranger via Ambari. I can log into Ranger UI and all Unix local users 
are synced and there is configuration under HDFS resource and test connection 
gives OK.
 I can see loads of hdfs@... records with 200 under audit plugins tab.
 
 Now I am a little confused.
 
 I can still do all operations with HDFS. Like there is no ranger hdfs plugin 
activated.
 in namenode I see:
   authorize.ServiceAuthorizationManager 
(ServiceAuthorizationManager.java:authorize(135)) - Authorization successful 
for margusja (auth:SIMPLE) for protocol=interface 
org.apache.hadoop.hdfs.protocol.ClientProtocol
 
 But I do not have any rules for margusja in Ranger.
 What I expect is that user margusja will get permission denied.
 
 I use hdfs simple auth not kerberos. Is is possible use ranger authorization 
without kerberos?
 
 
 -- 
 Margus (margusja) Roo
 http://margus.roo.ee
 skype: margusja
 +372 51 48 780

Reply via email to