02-13-2019 06:57 AM
Hi, i need to create new user and grant to it few rules (on select of couple schemas).
i create group, create user, assign user to group, and see it in hdfs - and there're no groups.
1. sudo adduser tezd_user
2. sudo groupadd tezd_group
3. sudo usermod -a -G tezd_group tezd_user
4. groups tezd_user >> tezd_user : tezd_user tezd_group
5. hdfs groups tezd_user >> tezd_user :
So, user have no group - have to rules - have no access to any action in db.
How to set group for user, and how to get rules to user (i think, it makes by addition group to user)?
02-13-2019 09:45 PM
04-25-2019 11:29 PM
if I understood well, you want grant access to database schemas to the user, right?
In this case, there are two possible scenarios:
1) Kerberos and Sentry disabled:
in this case, if databases are from Hive, you must to configure HDFS folder´s permissions in order your OS user/group have access to HDFS filesystem where Hive databases are stored.
2) Kerberos and Sentry enabled:
this case is a little more extensive, because you must to take in mind point 1 considerations, and configure Sentry roles, Roles-groups assignment, kerbero´s users, ...
In this case you must to follow Cloudera´s Security Guide.