Hi Thelmo:
Could you please verify the below?
<p class=”p1″>— Knox knows that authentication is set to kerberos.</p>
<p class=”p2″> One way to do that – create a link to core-site.xml under knox config folder</p>
<p class=”p2″> ln -s /etc/hadoop/conf/core-site.xml /etc/knox/conf/core-site.xml</p>
<p class=”p2″> If Namenode HA is enabled, also link hdfs-site.xml</p>
<p class=”p2″> <span style=”line-height: 1.5;”>ln -s /etc/hadoop/conf/hdfs-site.xml /etc/knox/conf/hdfs-site.xml</span></p>
<p class=”p1″>— Knox service user has the right permission to write to HDFS folders</p>
<p class=”p1″>— Knox service principal is configured correctly</p>
<p class=”p1″>— Knox service user can proxy as other users</p>
<p class=”p2″> You can do the below in core-site.xml</p>
<p class=”p2″> Add hadoop.proxyuser.knox.users property with value “<b>*</b>” or service user i.e knox</p>
<p class=”p2″> Add hadoop.proxyuser.knox.groups property <span style=”line-height: 1.5;”>with value “</span><b style=”line-height: 1.5;”>*</b><span style=”line-height: 1.5;”>” or service user i.e knox</span></p>
Hope this helps. Let us know if you have any questions.
Thank you,
Vel