Support Questions
Find answers, ask questions, and share your expertise
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Cloudera Community
- Support
- Support Questions
- Ranger Admin is failing to Install
Options
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Solved
Go to solution
Ranger Admin is failing to Install
Labels:
- Labels:
-
Apache Ambari
-
Apache Ranger
Guru
Created 01-05-2016 08:58 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Below is the error I am getting: ( Its HDP2.3.2, Ambari2.1.2.1, Umask is set to 0027 and Ambari Server/Agent runs as non-root user)
stderr: /var/lib/ambari-agent/data/errors-1353.txt
Traceback (most recent call last):
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py", line 124, in <module>
RangerAdmin().execute()
File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 216, in execute
method(env)
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py", line 45, in install
self.configure(env)
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/ranger_admin.py", line 103, in configure
ranger('ranger_admin')
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py", line 40, in ranger
setup_ranger_admin(rolling_upgrade=rolling_upgrade)
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py", line 129, in setup_ranger_admin
do_keystore_setup(rolling_upgrade=rolling_upgrade)
File "/var/lib/ambari-agent/cache/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py", line 250, in do_keystore_setup
sudo=True
File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 154, in __init__
self.env.run()
File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 152, in run
self.run_action(resource, action)
File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 118, in run_action
provider_action()
File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line 260, in action_run
tries=self.resource.tries, try_sleep=self.resource.try_sleep)
File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 70, in inner
result = function(command, **kwargs)
File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 92, in checked_call
tries=tries, try_sleep=try_sleep)
File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 140, in _call_wrapper
result = _call(command, **kwargs_copy)
File "/usr/lib/python2.6/site-packages/resource_management/core/shell.py", line 291, in _call
raise Fail(err_msg)
resource_management.core.exceptions.Fail: Execution of '/usr/hdp/current/ranger-admin/ranger_credential_helper.py -l '/usr/hdp/current/ranger-admin/cred/lib/*' -f /etc/ranger/admin/rangeradmin.jceks -k rangeradmin -v 3TMhrVMym4t7Ufg2 -c 1' returned 1. sudo: unable to execute /usr/hdp/current/ranger-admin/ranger_credential_helper.py: Permission denied
stdout: /var/lib/ambari-agent/data/output-1353.txt
2016-01-05 16:40:31,916 - Skipping creation of User and Group as host is sys prepped or ignore_groupsusers_create flag is on
2016-01-05 16:40:31,917 - Directory['/tmp/hbase-hbase'] {'owner': 'hbase_qa', 'recursive': True, 'mode': 0775, 'cd_access': 'a'}
2016-01-05 16:40:32,043 - Skipping setting uid for hbase user as host is sys prepped
2016-01-05 16:40:32,044 - Group['hdfs_qa'] {'ignore_failures': True}
2016-01-05 16:40:32,045 - User['hdfs_qa'] {'ignore_failures': True, 'groups': [u'hadoop_qa_grp', u'hdfs_qa']}
2016-01-05 16:40:32,046 - Modifying user hdfs_qa
2016-01-05 16:40:32,067 - Directory['/etc/hadoop'] {'mode': 0755}
2016-01-05 16:40:32,107 - Directory['/var/lib/ambari-agent/tmp/hadoop_java_io_tmpdir'] {'owner': 'hdfs_qa', 'group': 'hadoop_qa_grp', 'mode': 0777}
2016-01-05 16:40:32,172 - Repository['HDP-2.3'] {'base_url': 'http://public-repo-1.hortonworks.com/HDP/centos7/2.x/updates/2.3.2.0', 'action': ['create'], 'components': [u'HDP', 'main'], 'repo_template': '[{{repo_id}}]\nname={{repo_id}}\n{% if mirror_list %}mirrorlist={{mirror_list}}{% else %}baseurl={{base_url}}{% endif %}\n\npath=/\nenabled=1\ngpgcheck=0', 'repo_file_name': 'HDP', 'mirror_list': None}
2016-01-05 16:40:32,182 - File['/etc/yum.repos.d/HDP.repo'] {'content': InlineTemplate(...)}
2016-01-05 16:40:32,238 - Repository['HDP-UTILS-1.1.0.20'] {'base_url': 'http://public-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/centos7', 'action': ['create'], 'components': [u'HDP-UTILS', 'main'], 'repo_template': '[{{repo_id}}]\nname={{repo_id}}\n{% if mirror_list %}mirrorlist={{mirror_list}}{% else %}baseurl={{base_url}}{% endif %}\n\npath=/\nenabled=1\ngpgcheck=0', 'repo_file_name': 'HDP-UTILS', 'mirror_list': None}
2016-01-05 16:40:32,243 - File['/etc/yum.repos.d/HDP-UTILS.repo'] {'content': InlineTemplate(...)}
2016-01-05 16:40:32,296 - Package['unzip'] {}
2016-01-05 16:40:32,478 - Skipping installation of existing package unzip
2016-01-05 16:40:32,479 - Package['curl'] {}
2016-01-05 16:40:32,920 - Skipping installation of existing package curl
2016-01-05 16:40:32,921 - Package['hdp-select'] {}
2016-01-05 16:40:33,212 - Skipping installation of existing package hdp-select
2016-01-05 16:40:33,418 - Package['ranger_2_3_*-admin'] {}
2016-01-05 16:40:33,669 - Skipping installation of existing package ranger_2_3_*-admin
2016-01-05 16:40:33,669 - Package['ranger_2_3_*-usersync'] {}
2016-01-05 16:40:33,714 - Skipping installation of existing package ranger_2_3_*-usersync
2016-01-05 16:40:33,718 - File['/var/lib/ambari-agent/tmp/postgresql.jar'] {'content': DownloadSource('https://hdpqamgmt0.hdpqa.test.com:8443/resources//postgres-jdbc-driver.jar'), 'mode': 0644}
2016-01-05 16:40:33,752 - Not downloading the file from <a href="https://hdpqamgmt0.hdpqa.test.com:8443/resources//postgres-jdbc-driver.jar,">https://hdpqamgmt0.hdpqa.test.com:8443/resou...</a> because /var/lib/ambari-agent/tmp/postgres-jdbc-driver.jar already exists
2016-01-05 16:40:33,837 - Directory['/usr/share/java'] {'recursive': True, 'mode': 0755, 'cd_access': 'a'}
2016-01-05 16:40:33,959 - Execute[('cp', '--remove-destination', '/var/lib/ambari-agent/tmp/postgresql.jar', '/usr/share/java/postgresql.jar')] {'path': ['/bin', '/usr/bin/'], 'sudo': True}
2016-01-05 16:40:33,973 - File['/usr/share/java/postgresql.jar'] {'mode': 0644}
2016-01-05 16:40:34,027 - Changing permission for /usr/share/java/postgresql.jar from 640 to 644
2016-01-05 16:40:34,040 - Execute[('cp', '--remove-destination', '/var/lib/ambari-agent/tmp/postgresql.jar', '/usr/hdp/current/ranger-admin/ews/lib')] {'path': ['/bin', '/usr/bin/'], 'sudo': True}
2016-01-05 16:40:34,055 - File['/usr/hdp/current/ranger-admin/ews/lib/postgresql.jar'] {'mode': 0644}
2016-01-05 16:40:34,107 - Changing permission for /usr/hdp/current/ranger-admin/ews/lib/postgresql.jar from 640 to 644
2016-01-05 16:40:34,120 - ModifyPropertiesFile['/usr/hdp/current/ranger-admin/install.properties'] {'owner': 'ranger_qa', 'properties': ...}
2016-01-05 16:40:34,150 - Modifying existing properties file: /usr/hdp/current/ranger-admin/install.properties
2016-01-05 16:40:34,165 - File['/usr/hdp/current/ranger-admin/install.properties'] {'owner': 'ranger_qa', 'content': ..., 'group': None, 'mode': None, 'encoding': 'utf-8'}
2016-01-05 16:40:34,223 - Writing File['/usr/hdp/current/ranger-admin/install.properties'] because contents don't match
2016-01-05 16:40:34,250 - Setting up Ranger DB and DB User
2016-01-05 16:40:34,251 - Execute['python /usr/hdp/current/ranger-admin/dba_script.py -q'] {'logoutput': True, 'environment': {'RANGER_ADMIN_HOME': '/usr/hdp/current/ranger-admin', 'JAVA_HOME': u'/usr/jdk64/jdk1.8.0_40'}, 'user': 'ranger_qa'}
2016-01-05 16:40:34,554 [I] Running DBA setup script. QuiteMode:True
2016-01-05 16:40:34,554 [I] Using Java:/usr/jdk64/jdk1.8.0_40/bin/java
2016-01-05 16:40:34,554 [I] DB FLAVOR:POSTGRES
2016-01-05 16:40:34,554 [I] DB Host:hdpqadb0.hdpqa.test.com
2016-01-05 16:40:34,554 [I] ---------- Creating Ranger Admin db user ----------
2016-01-05 16:40:34,910 [I] Verifying user ranger
2016-01-05 16:40:35,229 [I] Postgres user ranger already exists.
2016-01-05 16:40:35,229 [I] ---------- Creating Ranger Admin database ----------
2016-01-05 16:40:35,229 [I] Verifying database ranger
2016-01-05 16:40:35,541 [I] Database ranger already exists.
2016-01-05 16:40:35,541 [I] ---------- Granting permission to Ranger Admin db user ----------
2016-01-05 16:40:35,541 [I] Granting privileges TO user 'ranger' on db 'ranger'
2016-01-05 16:41:01,565 [I] Granting privileges TO user 'ranger' on db 'ranger' Done
2016-01-05 16:41:01,565 [I] ---------- Verifying/Creating audit user ---------
2016-01-05 16:41:01,566 [I] ---------- Setup audit user ----------
2016-01-05 16:41:01,886 [I] Verifying user ranger
2016-01-05 16:41:02,226 [I] Postgres user ranger already exists.
2016-01-05 16:41:02,556 [I] Verifying user rangerlogger
2016-01-05 16:41:02,875 [I] Postgres user rangerlogger already exists.
2016-01-05 16:41:02,876 [I] Verifying database ranger_audit
2016-01-05 16:41:03,188 [I] Database ranger_audit already exists.
2016-01-05 16:41:03,188 [I] Granting privileges TO user 'ranger' on db 'ranger_audit'
2016-01-05 16:41:05,068 [I] Granting privileges TO user 'ranger' on db 'ranger_audit' Done
2016-01-05 16:41:05,068 [I] ---------- Ranger Policy Manager DB and User Creation Process Completed.. ----------
2016-01-05 16:41:05,231 - Execute['python /usr/hdp/current/ranger-admin/db_setup.py'] {'logoutput': True, 'environment': {'PATH': '/usr/sbin:/sbin:/usr/lib/ambari-server/*:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/ambari_qa@hdpqa.test.com/.local/bin:/home/ambari_qa@hdpqa.test.com/bin:/var/lib/ambari-agent', 'RANGER_ADMIN_HOME': '/usr/hdp/current/ranger-admin', 'JAVA_HOME': u'/usr/jdk64/jdk1.8.0_40'}, 'user': 'ranger_qa'}
2016-01-05 16:41:05,341 [I] DB FLAVOR :POSTGRES
2016-01-05 16:41:05,342 [I] --------- Verifying Ranger DB connection ---------
2016-01-05 16:41:05,342 [I] Checking connection
2016-01-05 16:41:05,664 [I] connection success
2016-01-05 16:41:05,664 [I] --------- Verifying Ranger DB tables ---------
2016-01-05 16:41:05,664 [I] Verifying table x_portal_user in database ranger
2016-01-05 16:41:05,979 [I] Table x_portal_user already exists in database ranger
2016-01-05 16:41:05,980 [I] --------- Verifying upgrade history table ---------
2016-01-05 16:41:05,980 [I] Verifying table x_db_version_h in database ranger
2016-01-05 16:41:06,304 [I] Table x_db_version_h already exists in database ranger
2016-01-05 16:41:06,304 [I] --------- Applying Ranger DB patches ---------
2016-01-05 16:41:06,304 [I] No patches to apply!
2016-01-05 16:41:06,304 [I] --------- Starting Audit Operation ---------
2016-01-05 16:41:06,304 [I] --------- Check admin user connection ---------
2016-01-05 16:41:06,305 [I] Checking connection
2016-01-05 16:41:06,659 [I] connection success
2016-01-05 16:41:06,659 [I] --------- Check audit user connection ---------
2016-01-05 16:41:06,659 [I] Checking connection
2016-01-05 16:41:06,965 [I] connection success
2016-01-05 16:41:06,966 [I] --------- Check table ---------
2016-01-05 16:41:06,966 [I] Verifying table xa_access_audit in database ranger_audit
2016-01-05 16:41:07,287 [I] Table xa_access_audit already exists in database ranger_audit
2016-01-05 16:41:07,287 [I] Granting permission to rangerlogger
2016-01-05 16:41:07,287 [I] Granting select and usage privileges to Postgres audit user 'rangerlogger' on XA_ACCESS_AUDIT_SEQ
2016-01-05 16:41:07,589 [I] Granting insert privileges to Postgres audit user 'rangerlogger' on XA_ACCESS_AUDIT table
2016-01-05 16:41:07,886 [I] --------- Applying Audit DB patches ---------
2016-01-05 16:41:07,886 [I] No patches to apply!
2016-01-05 16:41:07,897 - Directory['/usr/hdp/current/ranger-admin/conf'] {'owner': 'ranger_qa', 'group': 'ranger_qa_grp', 'recursive': True}
2016-01-05 16:41:07,941 - File['/usr/lib/ambari-agent/DBConnectionVerification.jar'] {'content': DownloadSource('https://hdpqamgmt0.hdpqa.test.com:8443/resources/DBConnectionVerification.jar'), 'mode': 0644}
2016-01-05 16:41:07,969 - Not downloading the file from <a href="https://hdpqamgmt0.hdpqa.test.com:8443/resources/DBConnectionVerification.jar,">https://hdpqamgmt0.hdpqa.test.com:8443/resou...</a> because /var/lib/ambari-agent/tmp/DBConnectionVerification.jar already exists
2016-01-05 16:41:08,012 - Execute['/usr/jdk64/jdk1.8.0_40/bin/java -cp /usr/lib/ambari-agent/DBConnectionVerification.jar:/usr/share/java/postgresql.jar:/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/lib/* org.apache.ambari.server.DBConnectionVerification 'jdbc:postgresql://hdpqadb0.hdpqa.test.com:5432/ranger' ranger [PROTECTED] org.postgresql.Driver'] {'environment': {}, 'path': ['/usr/sbin:/sbin:/usr/local/bin:/bin:/usr/bin'], 'tries': 5, 'try_sleep': 10}
2016-01-05 16:41:08,370 - Execute[('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf')] {'not_if': 'ls /usr/hdp/current/ranger-admin/conf', 'sudo': True, 'only_if': 'ls /usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf'}
2016-01-05 16:41:08,376 - Skipping Execute[('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/webapp/WEB-INF/classes/conf', '/usr/hdp/current/ranger-admin/conf')] due to not_if
2016-01-05 16:41:08,377 - Execute[('chown', '-R', u'ranger_qa:ranger_qa_grp', '/usr/hdp/current/ranger-admin/')] {'sudo': True}
2016-01-05 16:41:08,402 - Directory['/var/log/ranger/admin'] {'owner': 'ranger_qa', 'group': 'ranger_qa_grp'}
2016-01-05 16:41:08,443 - File['/usr/hdp/current/ranger-admin/conf/ranger-admin-default-site.xml'] {'owner': 'ranger_qa', 'group': 'ranger_qa_grp'}
2016-01-05 16:41:08,496 - File['/usr/hdp/current/ranger-admin/conf/security-applicationContext.xml'] {'owner': 'ranger_qa', 'group': 'ranger_qa_grp'}
2016-01-05 16:41:08,546 - Execute[('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin')] {'not_if': 'ls /usr/bin/ranger-admin', 'sudo': True, 'only_if': 'ls /usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh'}
2016-01-05 16:41:08,551 - Skipping Execute[('ln', '-sf', '/usr/hdp/current/ranger-admin/ews/ranger-admin-services.sh', '/usr/bin/ranger-admin')] due to not_if
2016-01-05 16:41:08,551 - XmlConfig['ranger-admin-site.xml'] {'group': 'ranger_qa_grp', 'conf_dir': '/usr/hdp/current/ranger-admin/conf', 'mode': 0644, 'configuration_attributes': {}, 'owner': 'ranger_qa', 'configurations': ...}
2016-01-05 16:41:08,565 - Generating config: /usr/hdp/current/ranger-admin/conf/ranger-admin-site.xml
2016-01-05 16:41:08,566 - File['/usr/hdp/current/ranger-admin/conf/ranger-admin-site.xml'] {'owner': 'ranger_qa', 'content': InlineTemplate(...), 'group': 'ranger_qa_grp', 'mode': 0644, 'encoding': 'UTF-8'}
2016-01-05 16:41:08,686 - Directory['/usr/hdp/current/ranger-admin/conf/ranger_jaas'] {'owner': 'ranger_qa', 'group': 'ranger_qa_grp', 'mode': 0700}
2016-01-05 16:41:08,738 - Execute[('/usr/hdp/current/ranger-admin/ranger_credential_helper.py', '-l', '/usr/hdp/current/ranger-admin/cred/lib/*', '-f', u'/etc/ranger/admin/rangeradmin.jceks', '-k', u'rangeradmin', '-v', [PROTECTED], '-c', '1')] {'logoutput': True, 'environment': {'RANGER_ADMIN_HOME': '/usr/hdp/current/ranger-admin', 'JAVA_HOME': u'/usr/jdk64/jdk1.8.0_40'}, 'sudo': True}
sudo: unable to execute /usr/hdp/current/ranger-admin/ranger_credential_helper.py: Permission denied
1 ACCEPTED SOLUTION
Guru
Created 01-13-2016 02:57 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This issue was resolved. Root cause of the issue was that customer had symlinked /usr/hdp to /opt/hadoop/usr/hdp and as per discussion with Ranger Engg., that apparently is not supported currently. Once, I removed symlink and reverted back to /usr/hdp, issue got fixed.
unlink /usr/hdp cp -rp /opt/hadoop/usr/* /usr/ rm -rf /opt/hadoop/usr
10 REPLIES 10
New Contributor
Created 06-06-2018 01:00 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I had similar issue when I try install Ranger on HDP 2.5.0.3. Ambari app are working on ambari (non-root) account. I also moved hdp directory do annother disk and created symlink.
Error what I got:
2018-06-05 10:25:43,096 - Execute[(u'/opt/java/jdk1.8.0/bin/java', '-cp', u'/usr/hdp/current/ranger-admin/cred/lib/*', 'org.apache.ranger.credentialapi.buildks', 'create', u'rangeradmin', '-value', [PROTECTED], '-provider', u'jceks://file/etc/ranger/admin/rangeradmin.jceks')] {'logoutput': True, 'environment': {'JAVA_HOME': u'/opt/java/jdk1.8.0'}, 'sudo': True}
Sorry, user ambari is not allowed to execute '/opt/java/jdk1.8.0/bin/java -cp /usr/hdp/current/ranger-admin/cred/lib/* org.apache.ranger.credentialapi.buildks create rangeradmin -value O6gZHKsVNcEMVAZSvjZo
Solution:
I detected when I logged in ambari user I could run java, but when run sudo java I got similar error like above.
The solution was to add and entry to /etc/sudoers:
ambari ALL=(ALL) NOPASSWD:SETENV: /bin/java *
- « Previous
-
- 1
- 2
- Next »
Announcements
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
What's New @ Cloudera
