Hadoop Security Guide
Also available as:
PDF
loading table of contents...

Oozie

Recommendations

A new Oozie administrator role (oozie-admin) has been created in HDP 2.3.

This role enables role separation between the Oozie daemon and administrative tasks. Both the oozie-admin role and the oozie role must be specified in the adminusers.txt file. This file is installed in HDP 2.3 with both roles specified. Both are also defined in Ambari 2.1 as well. Modification is only required if administrators choose to change the default administrative roles for Oozie.

If oozie-admin is used as the Oozie administrator user in your cluster, then the role is automatically managed by ambari.

If you plan to create an Oozie admin user other than oozie-admin, add the chosen username to adminusers.txt under the $OOZIE_HOME/conf directory.

Here is a sample adminusers.txt file:

#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Users should be set using following rules:
#
#     One user name per line
#     Empty lines and lines starting with '#' are ignored

oozie
oozie-admin