Re: accounts permission on hadoop
On Sep 1, 2010, at 9:08 AM, Todd Lipcon wrote: >>> >>> Currently hadoop gets its user groups from the posix user/groups. >> >> ... based upon what the client sends, not what the server knows. > > Not anymore in trunk or the security branch - now it's mapped on the > server side with a configurable resolver class. Yes, but only like 3 people use that stuff presently. Trunk=unicorns and ponies.
Re: accounts permission on hadoop
On Tue, Aug 31, 2010 at 5:28 PM, Allen Wittenauer wrote: > > On Aug 31, 2010, at 2:43 PM, Edward Capriolo wrote: > >> On Tue, Aug 31, 2010 at 5:07 PM, Gang Luo wrote: >>> Hi all, >>> I am the administrator of a hadoop cluster. I want to know how to specify a >>> group a user belong to. Or hadoop just use the group/user information from >>> the >>> linux system it runs on? For example, if a user 'smith' belongs to a group >>> 'research' in the linux system. what is his account and group on HDFS? >>> >>> >> >> Currently hadoop gets its user groups from the posix user/groups. > > ... based upon what the client sends, not what the server knows. Not anymore in trunk or the security branch - now it's mapped on the server side with a configurable resolver class. -Todd -- Todd Lipcon Software Engineer, Cloudera
Re: accounts permission on hadoop
On Aug 31, 2010, at 2:43 PM, Edward Capriolo wrote: > On Tue, Aug 31, 2010 at 5:07 PM, Gang Luo wrote: >> Hi all, >> I am the administrator of a hadoop cluster. I want to know how to specify a >> group a user belong to. Or hadoop just use the group/user information from >> the >> linux system it runs on? For example, if a user 'smith' belongs to a group >> 'research' in the linux system. what is his account and group on HDFS? >> >> > > Currently hadoop gets its user groups from the posix user/groups. ... based upon what the client sends, not what the server knows.
Re: accounts permission on hadoop
It is clear now. Thanks Mike. -Gang - 原始邮件 发件人: Michael Thomas 收件人: common-user@hadoop.apache.org 发送日期: 2010/8/31 (周二) 8:04:07 下午 主 题: Re: accounts permission on hadoop On 08/31/2010 05:01 PM, Michael Thomas wrote: > On 08/31/2010 03:12 PM, Gang Luo wrote: >> Thanks Edward. >> >> I was thinking is the home directory on HDFS also comply with the linux >system? >> Since I create '/usr/research/home/smith' on HDFS for user 'smith', which is >> also the home directory for smith in linux. When he input ' 'bin/hadoop fs -ls >> ~/' he will get this directory, instead of '/user/smith'. >> >> -Gang > > The tilde character '~' is a shell metacharacter. It is converted to > value of $HOME before the shell invokes the bin/hadoop command. For > example: > > 1) User types "bin/hadoop fs -ls ~/" > 2) Your shell changes this command to "bin/hadoop fs -ls /user/smith/" > (or wherever the user's local linux home directory is located). > 3) Your shell invokes the command and hadoop returns the contents of > '/usr/research/home/smith' from hdfs (which probably doesn't exist), not > from the local filesystem. Of course, I meant to say "...returns the contents of '/user/smith' from hdfs..." --Mike > Hadoop doesn't do anything special with the ~ character. > > --Mike >
Re: accounts permission on hadoop
On 08/31/2010 05:01 PM, Michael Thomas wrote: > On 08/31/2010 03:12 PM, Gang Luo wrote: >> Thanks Edward. >> >> I was thinking is the home directory on HDFS also comply with the linux >> system? >> Since I create '/usr/research/home/smith' on HDFS for user 'smith', which is >> also the home directory for smith in linux. When he input ' 'bin/hadoop fs >> -ls >> ~/' he will get this directory, instead of '/user/smith'. >> >> -Gang > > The tilde character '~' is a shell metacharacter. It is converted to > value of $HOME before the shell invokes the bin/hadoop command. For > example: > > 1) User types "bin/hadoop fs -ls ~/" > 2) Your shell changes this command to "bin/hadoop fs -ls /user/smith/" > (or wherever the user's local linux home directory is located). > 3) Your shell invokes the command and hadoop returns the contents of > '/usr/research/home/smith' from hdfs (which probably doesn't exist), not > from the local filesystem. Of course, I meant to say "...returns the contents of '/user/smith' from hdfs..." --Mike > Hadoop doesn't do anything special with the ~ character. > > --Mike > smime.p7s Description: S/MIME Cryptographic Signature
Re: accounts permission on hadoop
On 08/31/2010 03:12 PM, Gang Luo wrote: > Thanks Edward. > > I was thinking is the home directory on HDFS also comply with the linux > system? > Since I create '/usr/research/home/smith' on HDFS for user 'smith', which is > also the home directory for smith in linux. When he input ' 'bin/hadoop fs -ls > ~/' he will get this directory, instead of '/user/smith'. > > -Gang The tilde character '~' is a shell metacharacter. It is converted to value of $HOME before the shell invokes the bin/hadoop command. For example: 1) User types "bin/hadoop fs -ls ~/" 2) Your shell changes this command to "bin/hadoop fs -ls /user/smith/" (or wherever the user's local linux home directory is located). 3) Your shell invokes the command and hadoop returns the contents of '/usr/research/home/smith' from hdfs (which probably doesn't exist), not from the local filesystem. Hadoop doesn't do anything special with the ~ character. --Mike smime.p7s Description: S/MIME Cryptographic Signature
Re: accounts permission on hadoop
Thanks Edward. I was thinking is the home directory on HDFS also comply with the linux system? Since I create '/usr/research/home/smith' on HDFS for user 'smith', which is also the home directory for smith in linux. When he input ' 'bin/hadoop fs -ls ~/' he will get this directory, instead of '/user/smith'. -Gang - 原始邮件 发件人: Edward Capriolo 收件人: common-user@hadoop.apache.org 发送日期: 2010/8/31 (周二) 5:43:22 下午 主 题: Re: accounts permission on hadoop On Tue, Aug 31, 2010 at 5:07 PM, Gang Luo wrote: > Hi all, > I am the administrator of a hadoop cluster. I want to know how to specify a > group a user belong to. Or hadoop just use the group/user information from the > linux system it runs on? For example, if a user 'smith' belongs to a group > 'research' in the linux system. what is his account and group on HDFS? > > > Also, I want to know how to specify the prefix of the home directory. If there > are two directories on HDFS, '/usr/smith' and 'user/smit'. When smith input > 'bin/hadoop fs -ls ~/', which directory will he see? > > Thanks, > -Gang > > > > > Currently hadoop gets its user groups from the posix user/groups. Your default home directory would be /user/smith. Directories like /usr/smith or /home/smith usually appear by accidental keystrokes, copy operations, etc. Regards, Edward
Re: accounts permission on hadoop
On Tue, Aug 31, 2010 at 5:07 PM, Gang Luo wrote: > Hi all, > I am the administrator of a hadoop cluster. I want to know how to specify a > group a user belong to. Or hadoop just use the group/user information from the > linux system it runs on? For example, if a user 'smith' belongs to a group > 'research' in the linux system. what is his account and group on HDFS? > > > Also, I want to know how to specify the prefix of the home directory. If there > are two directories on HDFS, '/usr/smith' and 'user/smit'. When smith input > 'bin/hadoop fs -ls ~/', which directory will he see? > > Thanks, > -Gang > > > > > Currently hadoop gets its user groups from the posix user/groups. Your default home directory would be /user/smith. Directories like /usr/smith or /home/smith usually appear by accidental keystrokes, copy operations, etc. Regards, Edward
accounts permission on hadoop
Hi all, I am the administrator of a hadoop cluster. I want to know how to specify a group a user belong to. Or hadoop just use the group/user information from the linux system it runs on? For example, if a user 'smith' belongs to a group 'research' in the linux system. what is his account and group on HDFS? Also, I want to know how to specify the prefix of the home directory. If there are two directories on HDFS, '/usr/smith' and 'user/smit'. When smith input 'bin/hadoop fs -ls ~/', which directory will he see? Thanks, -Gang