This repository was archived by the owner on May 12, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 88
/
Copy pathsentry-site.xml.service.template
156 lines (130 loc) · 5.36 KB
/
sentry-site.xml.service.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- WARNING!!! This file is provided for documentation purposes ONLY! -->
<!-- WARNING!!! You should copy to sentry-site.xml and make modification instead. -->
<configuration>
<property>
<name>sentry.verify.schema.version</name>
<value> </value>
<description>
value: true, false
true Sentry store will verify the schema version in backed DB with expected version in jar.
The service won't start if there's a mismatch
</description>
</property>
<property>
<name>sentry.service.server-max-threads</name>
<value> </value>
<description> Number of threads 500 Max worker threads to serve client requests</description>
</property>
<property>
<name>sentry.service.server-min-threads</name>
<value> </value>
<description>Number of threads 10 Min worker threads to serve client requests</description>
</property>
<property>
<name>sentry.service.allow.connect</name>
<value> </value>
<description>comma separated list of users - List of users that are allowed to connect to the service (eg Hive, Impala) </description>
</property>
<property>
<name>sentry.store.jdbc.url</name>
<value> </value>
<description>JDBC connection URL for the backed DB</description>
</property>
<property>
<name>sentry.store.jdbc.user</name>
<value>Sentry</value>
<description>The username of the user that connects to the Sentry database</description>
</property>
<property>
<name>sentry.store.jdbc.password</name>
<value>Sentry</value>
<description>Sentry password for backend JDBC user </description>
</property>
<property>
<name>sentry.service.server.keytab</name>
<value></value>
<description>Keytab for service principal</description>
</property>
<property>
<name>sentry.service.server.rpcport</name>
<value>8038</value>
<description> TCP port number for service</description>
</property>
<property>
<name>sentry.service.server.rpcaddress</name>
<value>0.0.0.0</value>
<description> TCP interface for service to bind to</description>
</property>
<property>
<name>sentry.store.jdbc.driver</name>
<value>org.apache.derby.jdbc.EmbeddedDriver</value>
<description>Backend JDBC driver - org.apache.derby.jdbc.EmbeddedDriver (only when dbtype = derby) JDBC Driver class for the backed DB</description>
</property>
<property>
<name>sentry.service.admin.group</name>
<value> </value>
<description>Comma separates list of groups. List of groups allowed to make policy updates</description>
</property>
<property>
<name>sentry.store.group.mapping</name>
<value>org.apache.sentry.provider.common.HadoopGroupMappingService</value>
<description>
Group mapping class for Sentry service. org.apache.sentry.provider.file.LocalGroupMapping service can be used for local group mapping. </description>
</property>
<property>
<name>sentry.store.group.mapping.resource</name>
<value> </value>
<description> Policy file for group mapping. Policy file path for local group mapping, when sentry.store.group.mapping is set to LocalGroupMapping Service class.</description>
</property>
<property>
<name>sentry.service.security.mode</name>
<value>kerberos</value>
<description>Options: kerberos, none. Authentication mode for Sentry service. Currently supports Kerberos and trusted mode </description>
</property>
<property>
<name>sentry.service.server.principal</name>
<value> </value>
<description>Service Kerberos principal</description>
</property>
<property>
<name>sentry.service.web.enable</name>
<value>false</value>
<description>Enable web service</description>
</property>
<property>
<name>sentry.service.web.authentication.type</name>
<value>NONE</value>
<description>Options: kerberos, NONE. Authentication mode for Sentry web service.</description>
</property>
<property>
<name>sentry.service.web.authentication.kerberos.keytab</name>
<value></value>
<description>Keytab for web service principal</description>
</property>
<property>
<name>sentry.service.web.authentication.kerberos.principal</name>
<value></value>
<description>Web service Kerberos principal</description>
</property>
<property>
<name>sentry.service.web.authentication.allow.connect.users</name>
<value></value>
<description>comma separated list of users - List of users that are allowed to connect to the web service (eg Hive, Impala) </description>
</property>
</configuration>