我啓用Cloudera 5測試版的安全模式。與cloudera經理和執行第8步安全使文件從here cloudera經理應該發射生成憑證命令,但它不是。Kadmin不能創建原則,但kadmin.local可以
所以我正在做的是手動運行生成憑證,但它給我錯誤的日誌即ie。
KADMIN='kadmin -k -t /etc/cloudera-scm-server/cmf.keytab -p cloudera-scm/[email protected] -r IMP.CO.IN'
+ kadmin -k -t /etc/cloudera-scm-server/cmf.keytab -p cloudera-scm/[email protected] -r IMP.CO.IN -q 'addprinc -randkey hue/[email protected]'
WARNING: no policy specified for hue/[email protected]; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating "hue/[email protected]".
+ kadmin -k -t /etc/cloudera-scm-server/cmf.keytab -p cloudera-scm/[email protected] -r IMP.CO.IN -q 'xst -k /tmp/cmf4198733808580266866.keytab hue/[email protected]'
kadmin: Operation requires ``change-password'' privilege while changing hue/[email protected]'s key
+ chmod 600 /tmp/cmf4198733808580266866.keytab
chmod: cannot access `/tmp/cmf4198733808580266866.keytab': No such file or directory
似乎kadmin不能創造原則。
我的問題是我該如何給kadmin添加原則特權,或者如何使用kadmin.local運行此命令?
有沒有什麼辦法,所以我可以從這個問題脫身......