Pivotal Knowledge Base


"Permission denied" error seen while starting PXF service in Ambari


Product Version
PHD  3.x
PXF Service  2.x


When trying to start Pivotal Extension Framework (PXF) via Ambari, the start fails and the following error can be seen:

2016-02-25 09:38:56,296 - Error while executing command 'start':
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py", line 123, in execute
  File "/var/lib/ambari-agent/cache/stacks/PHD/3.0/services/PXF/package/scripts/pxfservice.py", line 17, in start
  File "/var/lib/ambari-agent/cache/stacks/PHD/3.0/services/PXF/package/scripts/pxf.py", line 28, in start
    Execute(command, timeout=600)
  File "/usr/lib/python2.6/site-packages/resource_management/core/base.py", line 148, in __init__
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 149, in run
    self.run_action(resource, action)
  File "/usr/lib/python2.6/site-packages/resource_management/core/environment.py", line 115, in run_action
  File "/usr/lib/python2.6/site-packages/resource_management/core/providers/system.py", line 241, in action_run
    raise ex
Fail: Execution of 'service pxf-service start' returned 1. /var/gphd/pxf /
bash: /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh: Permission denied


This can be caused by incorrect permissions on the the file /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh or incorrect group membership of the PXF user. 


1. Check the permissions on /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh. They should look like this: 

[root@hadoop ~]# ls -ltr /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh
-rwxr-x--- 1 root vfabric 13015 Jul 28 2014 /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh
[root@hadoop ~]#

2. Correct the permissions if necessary (note that it may be necessary to also correct permissions on parent directories): 

chown root:vfabric /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh
chmod 750 /opt/vmware/vfabric-tc-server-standard/tcruntime-ctl.sh

3. If the permissions are correct, check that pxf group membership is correct. The PXF user should be part of the groups PXF, hadoop, hdfs, and vfabric:

[root@hadoop ~]# su - pxf
su: warning: cannot change directory to /home/pxf: No such file or directory
-bash-4.1$ id
uid=494(pxf) gid=493(pxf) groups=493(pxf),498(hdfs),500(hadoop),503(vfabric)

 4. If the group membership is incorrect, the system administrator should modify the PXF user to ensure that the PXF user is part of hdfs, hadoop, PXF and vfabric groups as per the output shown above.





Powered by Zendesk