Original address: http://blog.sina.com.cn/s/blog_605f5b4f0101897z.html
the permissions of HDFs are very simple to judge, which is to compare the user name of the issuing instruction with the user name of the file.private void Check (Inode inode, fsaction access) throws Accesscontrolexception {if (inode = = null) {RET Urn } fspermission mode = Inode.getfspermission ();
if (User.equals (Inode.getusername ())) {//user class if (Mode.getuseraction (). implies (Access)) {return;} } else if (Groups.contains (Inode.getgroupname ())) {//group class if (Mode.getgroupaction (). implies (Access)) {R Eturn; }} else {//other class if (Mode.getotheraction (). implies (Access)) {return;} } throw new Accesscontrolexception ("Permission denied:user=" + user + ", access=" + Access + ", inode=" + ino DE); } }
The reason for the permission denied encountered when a multiuser submits a task is related to the process of the task submission. 1the client that submits the task first will package the task-related files in Hadoop.tmp.dir, which is a local directory that needs to be verified by local system permissions. Because it is a temporary directory directly set to 777 on the line.2. The client willTask FilePackage WriteThe Mapreduce.jobtracker.staging.root.dir + "/" + user + "/.staging" directory for HDFs requires HDFS permission validation. You can usually choose between two methods of resolving. 1) KeepMapreduce.jobtracker.staging.root.dir is the default, this directory is chmod 7772)The User directory is established under the/USER directory in HDFs, and Chown is the user, which is equivalent to creating a user under HDFs. then set Mapreduce.jobtracker.staging.root.dir to/USER, which is officially recommended, and you can see that the description of this property is written like this: the root of the staging area for users ' job files in practice, this should is the directory where users ' home director IES is located (usually/user). 3) Some people say that you can specify users and groups by adding the Hadoop.job.ugi property when you start a task. I verify that this is not possible. See the source code is also directly get UGI = Usergroupinformation.getcurrentuser (); But look at the HDFs permissions policy this should be set.
There are some, such as setting the Dfs.permissions parameter off the check, change the source code directly do not check ...
Finally, be aware thatthe out put of the task requires the current user to have permissions, otherwise it is unsuccessful. Set to be the user directory just finefrom:http://blog.163.com/darkness@yeah/blog/static/131774484201272155937382/
Also, note about the/tmp directory: ERROR org.apache.pig.impl.io.filelocalizer-org.apache.hadoop.security.accesscontrolexception: Org.apache.hadoop.security.AccessControlException:Permission Denied:user=shashaa, Access=write, inode= "tmp":p wang7:supergroup:rwxr-xr-x In this case, of course, use chmod to change the TMP directory's permissions to 777.
About Mapreduce.jobtracker.staging.root.dir
| Parameter | Value | Description |
|---|---|---|
| Mapred.system.dir | /var/mapr/cluster/mapred/jobtracker/system | The shared directory where MapReduce stores control files. |
| Mapred.job.tracker.persist.jobstatus.dir | /var/mapr/cluster/mapred/jobtracker/jobsinfo | The directory where the job status information is persisted in a file system to being available after it drops of the memory Queue and between Jobtracker restarts. |
| Mapreduce.jobtracker.staging.root.dir | /var/mapr/cluster/mapred/jobtracker/staging | the root of the staging area for users ' job files in practice, this should is the directory where users ' home director IES is located (usually/user) |
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
