A small set of fixes

/'s security mode should be 0775 not 0774 so users can access subdirs
	Indenting was weird on the ports
	Correcting the file which is updated on namenode initialization

hadoop/roles/common/templates/iptables.j2

@@ -5,29 +5,31 @@
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 {% if 'hadoop_masters' in group_names %}
--A INPUT -p tcp  --dport {{ hadoop['fs_default_FS_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['dfs_namenode_http_address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['mapred_job_tracker_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['mapred_job_tracker_http_address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['mapred_ha_jobtracker_rpc-address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['mapred_ha_zkfc_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['dfs_ha_zkfc_port'] }} -j  ACCEPT
-
+-A INPUT -p tcp --dport {{ hadoop['fs_default_FS_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['dfs_namenode_http_address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['mapred_job_tracker_port'] }} -j  ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['mapred_job_tracker_http_address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['mapred_ha_jobtracker_rpc-address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['mapred_ha_zkfc_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['dfs_ha_zkfc_port'] }} -j ACCEPT
 {% endif %}
+
 {% if 'hadoop_slaves' in group_names %}
--A INPUT -p tcp  --dport {{ hadoop['dfs_datanode_address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['dfs_datanode_http_address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['dfs_datanode_ipc_address_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['mapred_task_tracker_http_address_port'] }} -j  ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['dfs_datanode_address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['dfs_datanode_http_address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['dfs_datanode_ipc_address_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['mapred_task_tracker_http_address_port'] }} -j ACCEPT
 {% endif %}
+
 {% if 'qjournal_servers' in group_names %}
--A INPUT -p tcp  --dport {{ hadoop['qjournal_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['qjournal_http_port'] }} -j  ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['qjournal_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['qjournal_http_port'] }} -j ACCEPT
 {% endif %}
+
 {% if 'zookeeper_servers' in group_names %}
--A INPUT -p tcp  --dport {{ hadoop['zookeeper_clientport'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['zookeeper_leader_port'] }} -j  ACCEPT
--A INPUT -p tcp  --dport {{ hadoop['zookeeper_election_port'] }} -j  ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['zookeeper_clientport'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['zookeeper_leader_port'] }} -j ACCEPT
+-A INPUT -p tcp --dport {{ hadoop['zookeeper_election_port'] }} -j ACCEPT
 {% endif %}
 -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
@@ -36,6 +38,3 @@
 -A INPUT -j REJECT --reject-with icmp-host-prohibited
 -A FORWARD -j REJECT --reject-with icmp-host-prohibited
 COMMIT
-
-
-

hadoop/roles/hadoop_primary/tasks/hadoop_master_no_ha.yml

@@ -32,7 +32,7 @@
   service: name=hadoop-hdfs-namenode state=started
 
 - name: Give permissions for mapred users
-  shell: creates=/usr/lib/hadoop/fs.initialized su - hdfs -c "hadoop fs -chown hdfs:hadoop /"; su - hdfs -c "hadoop fs -chmod 0774 /"; touch /usr/lib/hadoop/namenode.initialized
+  shell: creates=/usr/lib/hadoop/namenode.initialized su - hdfs -c "hadoop fs -chown hdfs:hadoop /"; su - hdfs -c "hadoop fs -chmod 0775 /"; touch /usr/lib/hadoop/namenode.initialized
 
 - name: start hadoop jobtracker services
   service: name=hadoop-0.20-mapreduce-jobtracker state=started