FUSE - Mountable HDFS Security Configuration
This section describes how to use FUSE (Filesystem in Userspace) and CDH with Kerberos security on your Hadoop cluster. FUSE enables you to mount HDFS, which makes HDFS files accessible just as if they were UNIX files.
To use FUSE and CDH with Kerberos security, follow these guidelines:
- For each HDFS user, make sure that there is a UNIX user with the same name. If there isn't, some files in the FUSE mount point will appear to be owned by a non-existent user. Although this is harmless, it can cause confusion.
- When using Kerberos authentication, users must run kinit before accessing the FUSE mount point. Failure to do this will result in I/O errors when the user attempts to access the mount point. For security reasons, it is not possible to list the files in the mount point without first running kinit.
- When a user runs kinit, all processes that run as that user can use the Kerberos credentials. It is not necessary to run kinit in the same shell as the process accessing the FUSE mount point.