Support Questions
Find answers, ask questions, and share your expertise

Ambari as non root failing to register

Ambari as non root failing to register

Explorer

I’ve setup ambari to run as non-root user which has sudo access on the host with password. I’ve also setup ssh using the same sudo user. But I’m having trouble confirming hosts it says permission denied( publickey,.....). I’ve tested my ssh from server to all hosts works fine. Also /etc/hosts is updated with all hosts fqdn s.

Is the sudo with password causing the problem? @emaxwell

3 REPLIES 3
Highlighted

Re: Ambari as non root failing to register

Super Mentor

@Swaapnika Guntaka

The non-root functionality relies on sudo to run specific commands that require elevated privileges as defined in the Sudoer Configuration - Ambari Agents. The sudo configuration is split into these sections:

Have you setup the NOPASSWD as following while configuring sudoer.

# Ambari Customizable Users
ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su hdfs *,/bin/su ambari-qa *,/bin/su ranger *,/bin/su zookeeper *,/bin/su knox *,/bin/su falcon *,/bin/su ams *, /bin/su flume *,/bin/su hbase *,/bin/su spark *,/bin/su accumulo *,/bin/su hive *,/bin/su hcat *,/bin/su kafka *,/bin/su mapred *,/bin/su oozie *,/bin/su sqoop *,/bin/su storm *,/bin/su tez *,/bin/su atlas *,/bin/su yarn *,/bin/su kms *,/bin/su activity_analyzer *,/bin/su livy *,/bin/su zeppelin *,/bin/su infra-solr *,/bin/su logsearch *

Can you please double check if you have followed the doc for setting up "AmbariServer as Non Root" also if you are running agents also as non root then please check the following links:

https://docs.hortonworks.com/HDPDocuments/Ambari-2.5.2.0/bk_ambari-security/content/how_to_configure...

Also

https://docs.hortonworks.com/HDPDocuments/Ambari-2.5.2.0/bk_ambari-security/content/commands_agent.h...

.

Highlighted

Re: Ambari as non root failing to register

Explorer

@Jay SenSharma thanks for your reply. I haven’t setup the NOPASSWD thing. So my question was that, do I need sudo with NOPASSWD to proceed confirming hosts?

Highlighted

Re: Ambari as non root failing to register

Super Mentor

@Swaapnika Guntaka

The doc states that:

Configuring Ambari Agents to run as non-root requires that you manually install agents on all nodes in the cluster. For these details, see Installing Ambari Agents Manually. After installing each agent, you must configure the agent to run as the desired, non-root user.

https://docs.hortonworks.com/HDPDocuments/Ambari-2.5.2.0/bk_ambari-security/content/how_to_configure...