Directory permissions when using PAM authentication backend
If you are using Pluggable Authentication Modules (PAM) for authenticating Hue users, then ensure that the Hue users have access to the /etc/shadow directory. Use an approach suitable to your organization's security policies.
Making Hue application user a member of the shadow group
This approach involves creating a
group and adding
to this group. Then you must
read access permission
to the /etc/shadow directory.
Using Access Contol Lists (Recommended)
You can use Linux's ACLs to permit Hue user a read access permission to the /etc/shadow directory by using the setfacl command. Cloudera recommends this approach.