Support Questions
Find answers, ask questions, and share your expertise

Namenode logs access control

Contributor

How to restrict access to Name node logs for a particular users/groups?

1 ACCEPTED SOLUTION

Hi @AR, the '/logs' servlet is admin-only. There is no way to expose it to non-privileged users.

HDFS administrators are configured via dfs.cluster.administrators, although you obviously don't want to add arbitrary users to this list just to get logs servlet access.

View solution in original post

5 REPLIES 5

@AR That will based on your POSIX access level. Chmod and Chown

Make sure users are not part of hdfs/hadoop group.

Don't let users login to Master nodes. Restrict access to edge nodes only

Contributor

@Neeraj Sabharwal Thank you for your response. But what if we need to allow users to view the logs (read only) through Ambari only not even edge node access.

just this url access

http://domainame:50070/logs/

@AR

See this

Hint : it may not be exact solution

http://hortonworks.com/blog/hadoop-groupmapping-ldap-integration/

Hi @AR, the '/logs' servlet is admin-only. There is no way to expose it to non-privileged users.

HDFS administrators are configured via dfs.cluster.administrators, although you obviously don't want to add arbitrary users to this list just to get logs servlet access.

; ;