@klhinva The link provided by @ask_bill_brooks will show the current information. Here is an updated link directly to the Software Dependencies section. I hope this helps.  ... View more

@pkotla Check the Apache doc if that helps. I am not very sure if that’s achievable but give it a try.  https://ranger.apache.org/apidocs/resource_ServiceREST.html#resource_ServiceREST_applyPolicy_POST ... View more

@JananiViswa1  Hue is a gateway to CDH cluster services (see Hue Applications) and both have completely separate permissions. Being a Hue superuser means nothing to HDFS, Hive, and so on. Important: Hue and the underlying cluster services have completely separate permissions! Users who log on to the Hue UI must have permission to use Hue, and also, each CDH service accessible within Hue.   Once Hue is authenticated by a service (for example, Hive), Hue impersonates the user (doAs) requesting use of that service (for example, to create a table). The service uses Sentry (essentially a chmod tool) to ensure the group to which that user belongs is authorized for that action. Hue user permissions are at the application level only. For example, a Hue superuser can filter Hue user access to a CDH service but cannot authorize the use of its features. Again, Sentry does that. Learn how to Authorize Hue User Groups with Sentry.   Ref Doc: https://docs.cloudera.com/documentation/enterprise/6/6.3/topics/hue_adm_permissions.html ... View more

Hi Gangwar,     Thanks for your reply, we're using CDH6.3.2, it means that we can use Digest authentication to reduce the risk from this CVE? ... View more

@PrernaU You can check if ipc.client.fallback-to-simple-auth-allowed to true in core-site.xml and see if that helps.   ... View more

@ateka_18 The downtime is better choice because KTS interacts with CDH cluster and failure/Down of KTS will hamper the CDH services hence the job.  ... View more