Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Hi i am new to hadoop admin, i want to remove write access to all databases and file systems in production cluster and we are using hdp 2.1.5. can any one help me how to remove write access,which directory i should modified

avatar
Expert Contributor
 
1 ACCEPTED SOLUTION

avatar
Expert Contributor

Hi Sankar,

Are you using HDP cluster? If so, you can take an advantage of Ranger, which allow you to grant different permission to different users. You can lean more about Ranger via http://hortonworks.com/apache/ranger/

View solution in original post

5 REPLIES 5

avatar
Expert Contributor

Hi Sankar,

Are you using HDP cluster? If so, you can take an advantage of Ranger, which allow you to grant different permission to different users. You can lean more about Ranger via http://hortonworks.com/apache/ranger/

avatar
Expert Contributor

we dont have ranger..we are using HDP 2.1.5 , I think Ranger is available on 2.3 onwords. any other posibilities

avatar
Expert Contributor

You can use HDFS ACLS:

http://hortonworks.com/hadoop-tutorial/fine-grained-permissions-hdfs-files-hadoop-using-hdfs-acls/

And if you are using Hive, you can use storage based authorization as hive.security.authorization.manager in hive-site.xml, which uses HDFS ACL as permission to hive tables/databases.

avatar
@sankar rao

In simple solution you can try this as well.

hadoop fs -chmode -R 755 /apps/hive/warehouse/

Here DB owner is going to get read,write and execute, Group & others are going to get read and execute only.

you can explore Ranger and ACL functionality as well for implementing different level of access for users.

avatar
Expert Contributor

when i enter hadoop fs -ls /apps output is like below

drwxr-xr-x hdfs hdfs /apps/hive this means no write access for other ?please suggest me