Member since
10-01-2018
802
Posts
143
Kudos Received
130
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
2266 | 04-15-2022 09:39 AM | |
1752 | 03-16-2022 06:22 AM | |
5154 | 03-02-2022 09:44 PM | |
2066 | 03-02-2022 08:40 PM | |
1292 | 01-05-2022 07:01 AM |
01-05-2022
05:57 PM
Thank you very much for your answer, but another question is that I need a clear evidence to convince customers that HDFS is necessary when adding Apache sentry service. Can you help find the relevant documents here? Sorry for the inconvenience.
... View more
01-05-2022
03:36 AM
@muslihuddin No I didn’t find any other bug. Not sure in your case by the modification of java.security file didn’t worked alone. The solution you are having atm is also fine in my opinion no harm in that.
... View more
01-03-2022
03:32 AM
@bdworld2 Take a look of this doc which can help about the Maven use. https://docs.cloudera.com/documentation/enterprise/release-notes/topics/cdh_vd_cdh5_maven_repo.html
... View more
01-03-2022
01:42 AM
@writtenyu You can see the error in CM server logs. Please attach those here to see what’s happening.
... View more
01-03-2022
01:18 AM
@RickWang If you can point the exact repo on GitHub I can try to take a look and can come with an answer. Normally if this is available on public Git then you can fork and modified as per convenience in my opinion.
... View more
01-03-2022
01:09 AM
@Phantom No CDH4 is discontinued and not on internet as well. If you have old Internal Repository setup then you can try to install but from internet it's not possible. One way I can think of is try to manually place the parcels on the new node but again you might not have agent version so it will be a mess. If you are having a paid subscription then I would suggest you to upgrade to some supported version or AT LEAST publicly available version and then add node. Without Subscription New Node Addition is not possible.
... View more
01-02-2022
08:15 PM
1 Kudo
@noamsh_88, to recap:
You started out the thread saying that you are "using Cloudera V5.1.1 with log4j v1.2.17" and asked how you could upgrade to the latest version of log4j on CDH V5.1.1.
@GangWar replied that CDH 5.x is not and would not be tested with a later version of log4j, as CDH 5.x has reached End of Support (open that link and then expand the section labeled "Cloudera Enterprise products" underneath Current End of Support (EoS) Dates) and so if you tried it, you would be on your own.
He also wrote that CDH-5 was not impacted by the log4j vulnerability described in log4j2 CVE-2021-44228
You replied on 2 Jan that you ran the "patch for log4j provided at https://github.com/cloudera/cloudera-scripts-for-log4j" and asked:
how can we verify our env is out from log4j risk?
is there some java classes we should verify inside?
The very first sentence of the README.md file that renders in the browser automatically when one visits the URL you shared earlier for the cloudera-scripts-for-log4j reads:
This repo contains scripts and helper tools to mitigate the critical log4j vulnerability CVE-2021-44228 for Cloudera products affecting all versions of log4j between 2.0 and 2.14.1.
Emphasis added.
As @GangWar indicated, your environment, based on CDH 5.x, should not have had a version of log4j between 2.0 and 2.14.1 installed, and therefore should not have been vulnerable to the the log4j vulnerability described in log4j2 CVE-2021-44228. This is because, as you yourself pointed out in your original post on 23 Dec, you only had log4j v1.2.17 installed in your environment. log4j v1.2.17 is not a version of log4j between 2.0 and 2.14.1.
This also explains why, after you ran the script intended for systems using log4j versions between 2.0 and 2.14.1 on a system using log4j v1.2.17, the log4j V1 jars were not removed.
But since you ran the script for log4j provided at https://github.com/cloudera/cloudera-scripts-for-log4j anyway and presumably still have it handy, you could check manually for log4j .jar files in your environment in a similar manner that the script does and verify for yourself that none of those files still have the JndiLookup.class still present and thereby verify your environment is not at risk to the log4j vulnerability described in log4j2 CVE-2021-44228 (this information is also in the same README.md file on GitHub where the script you ran is being distributed from).
... View more
01-01-2022
05:14 PM
Hello @GangWar , Yes I can do kinit -kt for all the userids including yarn, livy and own userid from the same server.
... View more
12-31-2021
09:23 AM
1 Kudo
@sandeep1 Take a look at : https://docs.cloudera.com/cdp-private-cloud-base/7.1.3/runtime-release-notes/topics/rt-runtime-component-versions.html
... View more