Directory permissions when using PAM authentication backend
If you are using Pluggable Authentication Modules (PAM) for authenticating Hue users, then ensure that the Hue users have access to the /etc/shadow directory. Use an approach suitable to your organization's security policies.
Making Hue application user a member of the shadow group
This approach involves creating a
group and adding hue to this
group. Then you must allow the
group read access to the
Using Access Contol Lists (Recommended)
You can use Linux's ACLs to permit hue user read access to the /etc/shadow directory by using the setfacl command. Cloudera recommends this approach.