HDFS Permission Setting Error

Issue

When using MRS, a user has the permission to delete or create files in another user's HDFS directory.

Symptom

When using MRS, a user has the permission to delete or create files in another user's HDFS directory.

Cause Analysis

The user has the permission for the ficommon group and therefore can perform any operations on the HDFS. You need to remove the user's ficommon group permission.

Procedure

1. Log in to the master node in the cluster as user root.
2. Run the id ${Username} command to check whether the user has the ficommon group permission.

   If the user has the ficommon group permission, go to 3. If the user does not have the ficommon group permission, contact technical support.

   

   ${Username} indicates the name of the user whose HDFS permission is incorrectly set.

3. Run the gpasswd -d ${Username} ficommon command to delete the user's ficommon group permission.
   

   ${Username} indicates the name of the user whose HDFS permission is incorrectly set.

4. Modify parameters on Manager.
   MRS Manager (applicable to versions earlier than MRS 3.x):

   1. Log in to MRS Manager and choose Services > HDFS > Service Configuration.
   2. Set Type to All, enter dfs.permissions.enabled in the search box, and change the parameter value to true.
   3. Click Save Configuration and restart the HDFS service.

   FusionInsight Manager (applicable to MRS 3.x or later):

   1. Log in to FusionInsight Manager. Choose Cluster > Services > HDFS > Configurations > All Configurations.
   2. Enter dfs.permissions.enabled in the search box and change the value to true.
   3. After the modification is complete, click Save and restart the HDFS service.

   MRS console (applicable to MRS 2.0.1 or later):

   1. Log in to the MRS console and choose Components > HDFS > Service Configuration.
   2. Set Type to All, enter dfs.permissions.enabled in the search box, and change the parameter value to true.
   3. Click Save Configuration and restart the HDFS service.