If you are not running with security enabled (aka Kerberos), then no
privilege checking is performed so you should not have to add the Trafodion
ID.
If you are running with Kerberos enabled, then you need to give the
trafodion ID necessary privileges in HBase and HDFS. This, of course,
requires a Trafodion principal defined in Kerberos.
For example, in HBase, after creating and setting up your Kerberos ID, you
grant trafodion privileges:
$ sudo -u hbase hbase shell
grant 'trafodion', 'RWXCA'
exit
Roberta
*From:* Gunnar Tapper [mailto:[email protected]]
*Sent:* Wednesday, February 3, 2016 2:19 PM
*To:* [email protected]
*Subject:* Trafodion user security
Hi,
>From what I understand, Trafodion runs under its own user ID and group,
which needs sudo access to the ip and arping Linux utilities.
However, it's not clear to me if this user ID need to be added to HDFS and
HBase, too?
--
Thanks,
Gunnar
*If you think you can you can, if you think you can't you're right.*
