Enabling Kerberos Authentication for Single User Mode or Non-Default Users

The steps described in this topic are only applicable in the following cases:
  • You are running the Cloudera Manager in the single user mode. In this case, configure all the services described in the table below.


  • You are running one or more CDH services with non-default users. This means if you have modified the default value for the System User property for any service in Cloudera Manager, you must only perform the command (as described below) corresponding to that service, to be able to successfully run jobs with the non-default user.
MapReduce Configure the mapred.system.dir directory to be owned by the mapred user.
sudo -u hdfs hadoop fs -chown mapred:hadoop ${mapred.system.dir}
By default, mapred.system.dir is /tmp/mapred/system.
HBase Give the hbase user ownership of the HBase root directory:
sudo -u hdfs hadoop fs -chown -R hbase ${hbase.rootdir}
By default, hbase.rootdir is /hbase.
Hive Give the hive user ownership of the /user/hive directory.
sudo -u hdfs hadoop fs -chown hive /user/hive
YARN For every NodeManager host, for each path in yarn.nodemanager.local-dirs, run:
rm -rf ${yarn.nodemanager.local-dirs}/usercache/*
This removes the /usercache directory that contains intermediate data stored for previous jobs.