Setting permissions to run the agent as a different user 

Describes necessary directory and file permissions if you need to run the agent as a different user than the default user for DataStax Enterprise, which is cassandra.

Running the agent as the same user running DataStax Enterprise is highly recommended because directory and file permissions do not need to be set manually. By default, the DataStax agent when installed by deb or rpm packages runs as the same user as DSE, which is cassandra. Those who install the agent from a tarball are responsible for manually configuring running the agent and DSE as different users.

Prerequisites

Ensure the necessary read and write permissions are set for the user or group running the agent:
Directory and File Permissions
Feature functionality Permissions required
General agent functionality Read permission to cassandra.yaml
Configuring a cluster Read/write permissions to configuration directories and files.
Backup and restore
  • Read/write permissions to configuration directories and files.
  • Read/write permissions to Cassandra data directories.
    Note: A umask must also be set to accommodate group permissions for new tables and data.
  • If commit log archiving is enabled, the DataStax Enterprise process must also have permissions to run the agent's archive script and write permissions to the configured backup directory.
Directory and File Locations
Directory/File Location
cassandra.yaml See Configuration directories and files below.
Configuration directories and files
  • DataStax Enterprise Package and Installer-Services installations: : /etc/dse
  • DataStax Enterprise Tarball and Installer-No Services installations: : install_location/conf
Data directories Default: /var/lib/cassandra
Note: Location is user-configurable; set in cassandra.yaml.
Commit log archiving script
  • Agent package install: /usr/share/datastax-agent/bin/archive_commitlog.sh
  • Agent tarball install: install_location/bin/archive_commitlog.sh

Procedure

To set up the umask:

  1. Open a terminal.
  2. To give read/write permissions for new tables and data, edit the appropriate shell file for the DataStax Enterprise environment:
    File Location
    dse-env.sh
    • /etc/dse/
    • install_location/conf/
    cassandra-env.sh
    • /etc/cassandra
    • install_location/conf
  3. Add the command umask 002 to the top of the file.
    Setting the umask to 002 is required because Cassandra creates new directories or files as 0700 by default, which does not grant read or write permissions.
    umask 002