Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Ranger Admin stops applying policy updates.

Labels:
avatar
author-rank hyadav
Rising Star

Created ‎05-23-2016 11:29 AM

1) Using HDFS DFS -ls command I see /apps/hive with permissions 777

2) Modifying permissions on /apps/hive to 700 by using HDFS DFS -chmod command 3) Now going back to Ranger and modifying permissions to HDFS policy to add users to have access to path /apps/hive/warehouse. Ranger will no longer sync with HDFS

846 Views
1 ACCEPTED SOLUTION

avatar
author-rank sshimpi
Super Guru

Created ‎05-23-2016 11:33 AM

@Harini Yadav

Please check this -

Ranger will always takes 1st precedence and then POSX permissions/HDFS acl's.

Also setting "xasecure.add-hadoop-authorization" = false in ranger-hdfs-security.xml in /etc/hadoop/conf will stop the fall back to HDFS ACL.

Please check below url's for more details -

http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/

https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range...

View solution in original post

637 Views
0 Kudos
1 REPLY 1

avatar
author-rank sshimpi
Super Guru

Created ‎05-23-2016 11:33 AM

@Harini Yadav

Please check this -

Ranger will always takes 1st precedence and then POSX permissions/HDFS acl's.

Also setting "xasecure.add-hadoop-authorization" = false in ranger-hdfs-security.xml in /etc/hadoop/conf will stop the fall back to HDFS ACL.

Please check below url's for more details -

http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/

https://community.hortonworks.com/questions/22054/should-we-disable-hdfs-default-acl-to-enable-range...

638 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements