Support Questions

Hi vperiasamy and Namit Maheshwari,

Thank you very much for your reply. We are using HDP 2.5.3.

I am not seeing any error. The interesting thing is,

jkris03 is the owner of the directory with permission 400 in HDFS. But, when i tried to copy a file to the directory, it gave error like permission denied. But, the user rkurumb(my colleague) could able to copy file to the directory and i checked with other user(ftam) and he also got permission denied error. Since, there is no audit log, i could not see whether the ranger acl or hadoop acl is being enforced. We use Active Directory and it is synced with Apache Ranger. The group name i have used here is of Active Directory.

Hi Deepak,

Thanks for your reply. But, the parameter has already been configured.

For your infor, for hive plugin, it works well(audit source is solr).

But, for hdfs , i can see the log in "Admin" tab if i update the policy and the "Plugin" tab says the policy is synced. But

in the "Access" tab, i am not seeing any audits.

Note that, for the same service(hdfs) , I am seeing audits for other source but not mine(/tmp/ranger_test) .

ok , sorry i had misunderstood your question, So I think you are seeing audits for some of the hdfs operation on other resource but not for /tmp/ranger_test.

can you please check namenode logs, for the time when you performed operation , was there any error at that time in posting the logs to solr.

Now, it behaves differently. I updated the same policy. But still getting error while accessing the directory in hdfs. I think, the policy is not enforced. In the updated policy, there is no exclude condition, only the user jkris03 is allowed for the permission. Also, please look at the audits for the same service but the source is different. However, for the source datameer also, the ranger policy is not working, but we can see the audits. But, for my source, It is not displaying the audits too.