@Terry Stebbens Thanksa lot again for all ur help . In HDP sandbox 2.5 , while testing ranger functionalities, I got I need hive user access.but am not sure what is default hive user credentials. Can yo help me in this please. I am trying to achieve BEST PRACTICES FOR HDFS AUTHORIZATION Having a federated authorization model may create a challenge for security administrators looking to plan a security model for HDFS. After Apache Ranger and Hadoop have been installed, we recommend administrators to implement the following steps:
Change HDFS umask to 077 Identify directory which can be managed by Ranger policies Identify the directories that can be managed by Ranger policies We recommend that permission for application data folders (/apps/hive, /apps/Hbase) as well as any custom data folders be managed through Apache Ranger. The HDFS native permissions for these directories need to be restrictive. This can be done through changing permissions in HDFS using chmod. Example: $ hdfs dfs -chmod -R 000 /apps/hive $ hdfs dfs -chown -R hdfs:hdfs /apps/hive $ hdfs dfs -ls /apps/hive Found 1 items d——— – hdfs hdfs 0 2015-11-30 08:01 /apps/hive/warehouse After changing umask value 077. Its not allow me to do any operation as root user. its looking for hive user. can u guide me please Error: at org.apache.hadoop.fs.shell.Command.run(Command.java:165)
at org.apache.hadoop.fs.FsShell.run(FsShell.java:297)
at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:76)
at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:90)
at org.apache.hadoop.fs.FsShell.main(FsShell.java:350)
chmod: changing permissions of '/apps/hive': Permission denied. user=root is not the owner of inode=hive
http://hortonworks.com/blog/best-practices-in-hdfs-authorization-with-apache-ranger/
... View more
