Directory permissions when using PAM authentication backend
If you are using Pluggable Authentication Modules (PAM) for authenticating Hue users, then ensure that the Hue users have access to the /etc/shadow directory. Use an approach suitable to your organization's security policies.
Making Hue application user a member of the shadow group
This approach involves creating a
group and adding hue to this
group. Then you must allow the shadow
group read access to the
/etc/shadow directory.shadow
Using Access Contol Lists (Recommended)
You can use Linux's ACLs to permit hue user read access to the /etc/shadow directory by using the setfacl command. Cloudera recommends this approach.
