Community Articles

Find and share helpful community-sourced technical articles.
Labels (2)

SYMPTOM : Immediately after exporting HDFS directories via NFS , some of the directories start throwing permission denied errors to authorized users added in Ranger policies.

ROOT CAUSE : NFS neither honors Ranger policies nor HDFS ACLs. If a directory has HDFS permission bits such as 000 and access is controlled fully via Ranger, this directory won’t be exported at all. Messages such as below can be seen in NFS gateway logs :-

2016-07-27 17:35:19,071 INFO mount.RpcProgramMountd ( - Path /test1 is not shared. 

2016-07-27 17:35:37,297 INFO mount.RpcProgramMountd ( - Path /test2 is not shared. 

2016-07-27 17:39:34,581 INFO mount.RpcProgramMountd ( - Giving handle (fileId:12345) to client for export /

Even if the directory gets exported due to some available permissions, effective permission bits are only from HDFS and not from Ranger policies.

0 Kudos
Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.
Version history
Last update:
‎10-21-2016 02:01 PM
Updated by:
Top Kudoed Authors