hadoop-common-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chen dong <chendong...@gmail.com>
Subject Where does Hadoop get username and group mapping from for linux shell username and group mapping?
Date Fri, 14 Oct 2016 02:43:33 GMT
Hi, 

Currently I am working on a project to enhance the security for the Hadoop cluster. Eventually
I will use Kerberos and Sentry for authentication and authorisation. And the username and
group mapping will come from AD/LDAP (?), I think so. 

But now I am just learning and trying. I have a question and I haven’t figure it out is

where the username/group mapping information come from? 

As far as I know there is no username and group name for Hadoop and username and group name
come from the client wherever from local client machine or Kerberos realm. But it is a little
bit vague for me and can I get the implementation details here? 

Is this information from the machine where HDFS client is located or from the linux shell
username and group on name node?  Or it depends on the context - even related to data node?
What if the data nodes and name nodes have different users or user-group mapping in the local
boxes. 

Regards,

Dong


Mime
View raw message