question Re: Ranger Admin stops applying policy updates. in Archives of Support Questions (Read Only) https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-Admin-stops-applying-policy-updates/m-p/162941#M29307 <P><A rel="user" href="https://community.cloudera.com/users/2398/hyadav.html" nodeid="2398">@Harini Yadav</A></P><P>Please check this -</P><P>Ranger will always takes 1st precedence and then POSX permissions/HDFS acl's.</P><P>Also setting "xasecure.add-hadoop-authorization" = false in ranger-hdfs-security.xml in /etc/hadoop/conf will stop the fall back to HDFS ACL.</P><P>Please check below url's for more details -</P><P><A href="http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/" target="_blank">http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/</A></P><P><A href="https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range.html" target="_blank">https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range.html</A></P> Mon, 23 May 2016 18:33:17 GMT sshimpi 2016-05-23T18:33:17Z Ranger Admin stops applying policy updates. https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-Admin-stops-applying-policy-updates/m-p/162940#M29306 <P>1) Using HDFS DFS -ls command I see /apps/hive with permissions 777 </P><P>2) Modifying permissions on /apps/hive to 700 by using HDFS DFS -chmod command 3) Now going back to Ranger and modifying permissions to HDFS policy to add users to have access to path /apps/hive/warehouse. Ranger will no longer sync with HDFS</P> Mon, 23 May 2016 18:29:04 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-Admin-stops-applying-policy-updates/m-p/162940#M29306 hyadav 2016-05-23T18:29:04Z Re: Ranger Admin stops applying policy updates. https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-Admin-stops-applying-policy-updates/m-p/162941#M29307 <P><A rel="user" href="https://community.cloudera.com/users/2398/hyadav.html" nodeid="2398">@Harini Yadav</A></P><P>Please check this -</P><P>Ranger will always takes 1st precedence and then POSX permissions/HDFS acl's.</P><P>Also setting "xasecure.add-hadoop-authorization" = false in ranger-hdfs-security.xml in /etc/hadoop/conf will stop the fall back to HDFS ACL.</P><P>Please check below url's for more details -</P><P><A href="http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/" target="_blank">http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/</A></P><P><A href="https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range.html" target="_blank">https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range.html</A></P> Mon, 23 May 2016 18:33:17 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/Ranger-Admin-stops-applying-policy-updates/m-p/162941#M29307 sshimpi 2016-05-23T18:33:17Z