hadoop-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bertrand Dechoux <decho...@gmail.com>
Subject Re: Permission denied hadoop job
Date Sun, 19 Aug 2012 03:50:25 GMT
Hi,

I have never heard about a magic group called 'hadoop'.
Does it have a specific meaning in your context?

You should read more about security in Hadoop.
Your last question hint that you haven't looked at it.

http://hadoop.apache.org/common/docs/r1.0.3/hdfs_user_guide.html#File+Permissions+and+Security

File Permissions and Security
> The file permissions are designed to be similar to file permissions on
> other familiar platforms like Linux. Currently, security is limited to
> simple file permissions. *The user that starts NameNode is treated as the
> superuser for HDFS.* Future versions of HDFS will support network
> authentication protocols like Kerberos for user authentication and
> encryption of data transfers. The details are discussed in the Permissions
> Guide<http://hadoop.apache.org/common/docs/r1.0.3/hdfs_permissions_guide.html>
> .


The straight answer is : run your cluster with the bitnami user.

But it may be a good habit to
1) have the hadoop superuser being different than the system root
2) interact with your cluster with users having limited access ie not your
superuser

Regards

Bertrand

On Sun, Aug 19, 2012 at 3:43 AM, Robert Irribarren <robert@algorithms.io>wrote:

> bitnami@ip-10-252-38-45:/usr/share/hadoop/hadoop-1.0.3$ bin/hadoop dfs
> -copyFromLocal /tmp/myDir /user/bitnami/myDir
> Warning: $HADOOP_HOME is deprecated.
>
> copyFromLocal: Target /user/bitnami/myDir/ is a directory
> bitnami@ip-10-xxx-xx-xx:/usr/share/hadoop/hadoop-1.0.3$ bin/hadoop dfs
> -rmr /user/bitnami/
> Warning: $HADOOP_HOME is deprecated.
>
> rmr: org.apache.hadoop.security.AccessControlException: Permission denied:
> user=bitnami, access=WRITE, inode="user":root:supergroup:rwxr-xr-x
>
>
> I have also made sure that bitnami was in the group hadoop
>
> bitnami@ip-10-xxx-xx-xx:groups bitnami
> bitnami : bitnami adm dialout cdrom floppy audio dip video plugdev netdev
> admin hadoop
>
> I have read that the root:supergroup: should read bitnami:supergroup. How
> can I change this?
>
>


-- 
Bertrand Dechoux

Mime
View raw message