The following steps serve as a security checklist:
You must temporarily disable SELinux for the Ambari setup to function. On each host in your cluster:
setenforce 0
Note To permanently disable SELinux: set
SELINUX=disabled
in
/etc/selinux/config
This ensures that SELinux does not turn itself on after you reboot the machine.On an installation host running RHEL/CentOS with PackageKit installed, open
/etc/yum/pluginconf.d/refresh-packagekit.conf
using a text editor and make this change:enabled=0
Note PackageKit is not enabled by default on a SLES system. Unless you have specifically enabled PackageKit, you may skip this step for a SLES installation host.
UMASK (User Mask or User file creation MASK) is the default permission or base permission given when a new file or folder is created on a Linux machine. Most Linux distros set 022 as the default umask. For a HDP cluster, make sure that umask is set to 022. To set umask 022, run the following command as root on all hosts,
vi etc/profile
umask 022