Managing Users and Groups
The following two users are important when installing and setting up MapR software:
root
is used to install MapR software on each node.- The “MapR user” is the user that MapR services run as (typically named mapr or hadoop) on each node. The MapR user has full privileges to administer the cluster. Administrative privilege with varying levels of control can be assigned to other users as well.
Before installing MapR, decide on the name, user id (UID) and group id (GID) for the MapR user. The MapR user must exist on each node, and the user name, UID and primary GID must match on all nodes.
- When adding a user to a cluster node, specify the
--uid
option with theuseradd
command to guarantee that the user has the same UID on all machines. - When adding a group to a cluster node, specify the
--gid
option with thegroupadd
command to guarantee that the group has the same GID on all machines.
MapR uses each node's native operating system configuration to authenticate users and groups for access to the cluster. If you are deploying a large cluster, you should consider configuring all nodes to use LDAP or another user management system. You can use the MapR Control System to give specific permissions to particular users and groups. For more information, see Setting User Permissions. Each user can be restricted to a specific amount of disk usage. For more information, see Setting Quotas for Users and Groups.
By default, MapR gives the user root
full administrative permissions. If the
nodes do not have an explicit root
login, give full permissions to another
user after deployment. See Setting the Administrative User.
On the node where you plan to run the mapr-webserver
(the MapR Control
System), install Pluggable Authentication Modules (PAM). See PAM Configuration for more information.
You can perform the following procedures to manage users and groups in a MapR cluster: