Created 08-11-2016 12:06 PM
Error "DISABLED: Security features are not available" is thrown
hbase(main):002:0> user_permission 'TABLE_NAME' User Namespace,Table,Family,Qualifier:Permission ERROR: DISABLED: Security features are not available Here is some help for this command: Show all permissions for the particular user. Syntax : user_permission <table> Note: A namespace must always precede with '@' character. For example: hbase> user_permission hbase> user_permission '@ns1' hbase> user_permission '@.*' hbase> user_permission '@^[a-c].*' hbase> user_permission 'table1' hbase> user_permission 'namespace1:table1' hbase> user_permission '.*' hbase> user_permission '^[A-C].*'
Below configuraton is set in hbase-site.xml
<property> <name>hbase.coprocessor.region.classes</name> <value>org.apache.hadoop.hbase.security.access.AccessController,org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint</value> </property> <property> <name>hbase.coprocessor.regionserver.classes</name> <value>org.apache.hadoop.hbase.security.access.AccessController</value> </property> <property> <name>hbase.coprocessor.master.classes</name> <value>org.apache.hadoop.hbase.security.access.AccessController</value> </property> <property> <name>hbase.security.authorization</name> <value>true</value> </property> <property> <name>hbase.security.authentication</name> <value>kerberos</value> </property> <property> <name>hbase.master.kerberos.principal</name> <value>hbase/_HOST@HWX.VIBGYOR.COM</value> </property> <property> <name>hbase.master.keytab.file</name> <value>/etc/security/keytabs/hbase.service.keytab</value> </property>
Created 08-11-2016 01:25 PM
Got the logs from @nshetty and checked somehow the hbase:acl table is not created because earlier hbase:acl znode is present but the table is not present. Once after deleting the hbase:acl table znode and restarting the service it's working fine.
Created 08-11-2016 01:18 PM
It seems your hbase:acl table is not created.
can you check hbase-site.xml at master side as well it should have:-
<property> <name>hbase.coprocessor.master.classes</name> <value>org.apache.hadoop.hbase.security.access.AccessController</value> </property>
try restarting your cluster as postStartMaster step should create this table, once you are able to do scan 'hbase:acl' , you will not see above error "ERROR: DISABLED:Security features are not available"
Created 08-11-2016 01:25 PM
Got the logs from @nshetty and checked somehow the hbase:acl table is not created because earlier hbase:acl znode is present but the table is not present. Once after deleting the hbase:acl table znode and restarting the service it's working fine.