Description
Here are the steps to reproduce this issue (thanks Ramesh Mani):
- sudo su hdfs
- hdfs dfs -mkdir -p /demo/data
- hdfs dfs -chmod 700 /demo
- hdfs dfs -chmod 700 /demo/data
- Create a Ranger policy that allows rwx access on /demo directory to user “guest”, with recursive enabled.
- sudo su guest
- hdfs dfs -ls /demo (this works )
- hdfs dfs –ls /demo/data (this fails with the following error)
ls: Permission denied: user=guest, access=EXECUTE, inode="/demo/data":hdfs:hdfs:drwx------
Since a Ranger policy exists to allow 'rwx' access to user 'guest' on files and directories under /demo, the user should be allowed to "ls /demo/data".