Ambari FileView cannot open or upload files "Unaut...

rvillanueva · ‎12-24-2019

Having problems uploading or opening files in Ambari (v2.7.3) FileView (HDP v3.1.0). Getting error

Unauthorized connection for super-user: root at <my local IP>

I configs that I think are relevant here are:

hadoop.proxyuser.hdfs.groups=*
hadoop.proxyuser.hdfs.hosts=*
hadoop.proxyuser.root.groups=*
hadoop.proxyuser.root.hosts=hw001.co.local

Have seen similar questions here (https://community.cloudera.com/t5/Support-Questions/Unauthorized-connection-for-super-user/m-p/10211...) but not sure the problems are totally analogous.

Anyone know how to fix or get more debugging info?

rvillanueva · ‎12-24-2019

Looking at more existing post here (https://community.cloudera.com/t5/Support-Questions/Unauthorized-connection-for-super-user-root-from...) and here (https://community.cloudera.com/t5/Support-Questions/File-View-Error-Unauthorized-connection-for-supe...) found that also needed to change

hadoop.proxyuser.root.hosts=*

Setting this in HDFS configs in ambari and restarting the service seems to have fixed the problem.

Could anyone help explain this config a bit more or link to docs explaining exactly what it does / means (ie. I hope it does not imply that root / super-user privileges are conferred to other users accessing HDFS in any way)? Found the docs here (https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-common/Superusers.html). Not much experience with HDFS admin, but

In other words super is impersonating the user joe

gives me some concern about security. Could anyone help allay these concerns?

ask_bill_brooks · ‎12-24-2019

[This question was moved here because it was posted 12-24-2019 to multiple threads previously marked 'Solved' as early as 10-22-2016 03:03 AM—Moderator]

Could you explain a bit (or link to docs) on what exactly the hadoop.proxyuser.$.hosts and hadoop.proxyuser.$.groups are (what they mean and why setting * helps here)?

rvillanueva · ‎12-24-2019

@jsensharma

Could you help explain the

hadoop.proxyuser.<USER>.hosts

config a bit more or link to docs explaining exactly what it does / means (ie. I hope it does not imply that root / super-user privileges are conferred to other users accessing HDFS in any way)? Found the docs here (https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-common/Superusers.html) and not much experience with HDFS admin, but

In other words super is impersonating the user joe

gives me some concern about security. Could anyone help allay these concerns?

ask_bill_brooks · ‎12-24-2019

[This question was moved here because it was posted 12-24-2019 to a thread previously marked 'Solved' 10-22-2016 03:03 AM —Moderator]

Could you help explain this hadoop.proxyuser.<user>.hosts config a bit more or link to docs explaining exactly what it does / means (ie. I hope it does not imply that root / super-user privileges are conferred or potentially accessible to other users accessing HDFS in any way)? Found the docs here (https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-common/Superusers.html) and not much experience with HDFS admin, but

In other words super is impersonating the user joe

gives me some concern about security. Could anyone help allay these concerns?

Ambari FileView cannot open or upload files "Unauthorized connection for super-user" even with hadoop.proxyuser.root.groups=*

Ambari FileView cannot open or upload files "Unauthorized connection for super-user" even with hadoop.proxyuser.root.groups=*

Re: Ambari FileView cannot open or upload files "Unauthorized connection for super-user" even with hadoop.proxyuser.root.groups=*

Could you help explain this hadoop.proxyuser.<user>.hosts config

Re: Unauthorized connection for super-user: root from IP 192.168.70.104 How to resolve???

Re: File View Error: Unauthorized connection for super-user: root from IP