ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Balaji Ganesan <balaji.ganesa...@gmail.com>
Subject [Discuss] (RANGER-693) HDFS folder permission exclusively managed my Ranger
Date Tue, 13 Oct 2015 15:49:48 GMT
Good suggestion. HDFS fallback permission does create confusion for users,
it is better to restrict it to certain folders

There is a still an issue of figuring our existing permissions for a given
folder/file. We should include a separate JIRA to modify our reporting tool
to give accurate picture on existing permissions for HDFS files/folders. In
this case, Ranger should interpret both HDFS and Ranger permissions for
folder where fallback is allowed.

On Mon, Oct 12, 2015 at 3:14 PM, Don Bosco Durai (JIRA) <jira@apache.org>

> Don Bosco Durai created RANGER-693:
> --------------------------------------
>              Summary: HDFS folder permission exclusively managed my Ranger
>                  Key: RANGER-693
>                  URL: https://issues.apache.org/jira/browse/RANGER-693
>              Project: Ranger
>           Issue Type: Improvement
>     Affects Versions: 0.5.1
>             Reporter: Don Bosco Durai
>              Fix For: 0.6.0
> In HDFS plugin, if there are no policies for the file/folder, then Ranger
> falls backs to HDFS file/folder permission.
> While this is very convenient, but in some cases it is desirable that only
> Ranger manages the policies. Good examples are folders like
> /apps/hive/warehouse or some user folders where it is better that Ranger
> manages the entire permission.
> One suggestion is to mark folders which will be managed by Ranger. For
> these folders, ignore all permissions and ownership set at the HDFS
> file/folder level.
> This will be a very useful feature for Ranger.
> --
> This message was sent by Atlassian JIRA
> (v6.3.4#6332)

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message