Skip to content
This repository was archived by the owner on May 12, 2021. It is now read-only.

Commit 0ec663f

Browse files
author
Sravya Tirukkovalur
committed
SENTRY-333: Add conf directory to sentry distribution- applying the patch correctly (Tuong Truong via Sravya Tirukkovalur)
1 parent b17da44 commit 0ec663f

5 files changed

+399
-0
lines changed

conf/sentry-site.xml.hive-client.example

+72
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
<?xml version="1.0"?>
2+
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
3+
<!--
4+
Licensed to the Apache Software Foundation (ASF) under one or more
5+
contributor license agreements. See the NOTICE file distributed with
6+
this work for additional information regarding copyright ownership.
7+
The ASF licenses this file to You under the Apache License, Version 2.0
8+
(the "License"); you may not use this file except in compliance with
9+
the License. You may obtain a copy of the License at
10+
11+
http://www.apache.org/licenses/LICENSE-2.0
12+
13+
Unless required by applicable law or agreed to in writing, software
14+
distributed under the License is distributed on an "AS IS" BASIS,
15+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+
See the License for the specific language governing permissions and
17+
limitations under the License.
18+
-->
19+
20+
<configuration>
21+
<property>
22+
<name>sentry.hive.provider</name>
23+
<value>org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider</value>
24+
</property>
25+
<property>
26+
<name>sentry.hive.server</name>
27+
<value>server1</value>
28+
</property>
29+
<property>
30+
<name>sentry.hive.testing.mode</name>
31+
<value>false</value>
32+
</property>
33+
<property>
34+
<name>sentry.service.client.server.rpc-port</name>
35+
<value>8038</value>
36+
</property>
37+
<property>
38+
<name>sentry.service.client.server.rpc-address</name>
39+
<value>localhost</value>
40+
</property>
41+
<property>
42+
<name>sentry.service.client.server.rpc-connection-timeout</name>
43+
<value>200000</value>
44+
</property>
45+
<!--
46+
Properties required for setting the DB provider
47+
-->
48+
<property>
49+
<name>sentry.hive.provider.backend</name>
50+
<value>org.apache.sentry.provider.db.SimpleDBProviderBackend</value>
51+
</property>
52+
<property>
53+
<name>sentry.service.security.mode</name>
54+
<value>none</value>
55+
</property>
56+
<property>
57+
<name>sentry.service.server.principal</name>
58+
<value>hivemeta/centos64.cloudera.com@HS2.CLOUDERA.COM</value>
59+
</property>
60+
<property>
61+
<name>sentry.metastore.service.users</name>
62+
<value>hive</value>
63+
</property>
64+
65+
<!-- Deprecated, file provider
66+
<property>
67+
<name>sentry.hive.provider.resource</name>
68+
<value>file:///home/prasadm/sentry/config/global-policy.ini</value>
69+
</property>
70+
-->
71+
</configuration>
72+

conf/sentry-site.xml.hive-client.template

+100
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,100 @@
1+
<?xml version="1.0"?>
2+
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
3+
<!--
4+
Licensed to the Apache Software Foundation (ASF) under one or more
5+
contributor license agreements. See the NOTICE file distributed with
6+
this work for additional information regarding copyright ownership.
7+
The ASF licenses this file to You under the Apache License, Version 2.0
8+
(the "License"); you may not use this file except in compliance with
9+
the License. You may obtain a copy of the License at
10+
11+
http://www.apache.org/licenses/LICENSE-2.0
12+
13+
Unless required by applicable law or agreed to in writing, software
14+
distributed under the License is distributed on an "AS IS" BASIS,
15+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+
See the License for the specific language governing permissions and
17+
limitations under the License.
18+
-->
19+
20+
<!-- WARNING!!! This file is provided for documentation purposes ONLY! -->
21+
<!-- WARNING!!! You should copy to sentry-site.xml and make modification instead. -->
22+
23+
24+
<configuration>
25+
26+
<property>
27+
<name>sentry.service.security.mode</name>
28+
<value>kerberos</value>
29+
<description>Options: kerberos, none. Authentication mode for Sentry service. Currently supports Kerberos and trusted mode </description>
30+
</property>
31+
32+
<property>
33+
<name>sentry.service.server.principal</name>
34+
<value> </value>
35+
<description>Service Kerberos principal</description>
36+
</property>
37+
38+
39+
<property>
40+
<name>sentry.service.client.server.rpc-address</name>
41+
<value> </value>
42+
<description> TCP address of the sentry store server</description>
43+
</property>
44+
45+
<property>
46+
<name>sentry.service.client.server.rpc-port</name>
47+
<value> </value>
48+
<description>Port # of the sentry store server</description>
49+
</property>
50+
51+
<property>
52+
<name>sentry.service.client.server.rpc-connection-timeout</name>
53+
<value>200000</value>
54+
<description>Client timeout default(200000) RPC connection timeout in milisecs</description>
55+
</property>
56+
57+
<property>
58+
<name>sentry.metastore.service.users</name>
59+
<value> </value>
60+
<description>
61+
Comma separated list of users
62+
List of service users (eg hive, impala) to bypass
63+
the Sentry metastore authorization. These
64+
services handle the metadata authorization
65+
on their side.
66+
</description>
67+
</property>
68+
69+
<!--
70+
Some common client properties same as file
71+
based provider
72+
-->
73+
74+
<property>
75+
<name>sentry.provider</name>
76+
<value>org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider</value>
77+
<description> Deprecated name: hive.sentry.provider. Group mapping which should be used at client side</description>
78+
</property>
79+
80+
<property>
81+
<name>sentry.hive.server</name>
82+
<value>HS2</value>
83+
<description> Deprecated name: hive.sentry.server. Defaut: HS2. Hive Server2 Server identifier like "server1"</description>
84+
</property>
85+
86+
<property>
87+
<name>sentry.hive.failure.hooks</name>
88+
<value> </value>
89+
<description>Deprecated Name: hive.sentry.failure.hooks. Any failure hooks to be configured like navigator (i.e. com.cloudera.navigator.audit.hive.HiveSentryOnFailureHook)</description>
90+
</property>
91+
92+
<property>
93+
<name>sentry.hive.provider.backend</name>
94+
<value>org.apache.sentry.provider.file.SimpleFileProviderBackend</value>
95+
<description> Options: {org.apache.sentry.provider.db.SimpleDBProviderBackend, org.apache.sentry.provider.file.SimpleFileProviderBackend}
96+
Privilege provider to be used, we support file based or db based
97+
</description>
98+
</property>
99+
100+
</configuration>

conf/sentry-site.xml.service.example

+65
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
<?xml version="1.0"?>
2+
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
3+
<!--
4+
Licensed to the Apache Software Foundation (ASF) under one or more
5+
contributor license agreements. See the NOTICE file distributed with
6+
this work for additional information regarding copyright ownership.
7+
The ASF licenses this file to You under the Apache License, Version 2.0
8+
(the "License"); you may not use this file except in compliance with
9+
the License. You may obtain a copy of the License at
10+
11+
http://www.apache.org/licenses/LICENSE-2.0
12+
13+
Unless required by applicable law or agreed to in writing, software
14+
distributed under the License is distributed on an "AS IS" BASIS,
15+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+
See the License for the specific language governing permissions and
17+
limitations under the License.
18+
-->
19+
20+
<configuration>
21+
<property>
22+
<name>sentry.hive.server</name>
23+
<value>server1</value>
24+
</property>
25+
<property>
26+
<name>sentry.store.jdbc.url</name>
27+
<value>jdbc:derby:;databaseName=metastore_db;create=true</value>
28+
</property>
29+
<property>
30+
<name>sentry.service.security.mode</name>
31+
<value>kerberos</value>
32+
</property>
33+
<property>
34+
<name>sentry.service.server.principal</name>
35+
<value></value>
36+
</property>
37+
<property>
38+
<name>sentry.service.server.keytab</name>
39+
<value></value>
40+
</property>
41+
<property>
42+
<name>sentry.service.admin.group</name>
43+
<value>hive</value>
44+
</property>
45+
<property>
46+
<name>sentry.service.allow.connect</name>
47+
<value>hive</value>
48+
</property>
49+
<property>
50+
<name>sentry.store.jdbc.driver</name>
51+
<value>org.apache.derby.jdbc.EmbeddedDriver</value>
52+
</property>
53+
<property>
54+
<name>sentry.store.jdbc.user</name>
55+
<value>sentry</value>
56+
</property>
57+
<property>
58+
<name>sentry.store.jdbc.password</name>
59+
<value>test</value>
60+
</property>
61+
<property>
62+
<name>sentry.verify.schema.version</name>
63+
<value>true</value>
64+
</property>
65+
</configuration>

conf/sentry-site.xml.service.template

+126
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,126 @@
1+
<?xml version="1.0"?>
2+
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
3+
<!--
4+
Licensed to the Apache Software Foundation (ASF) under one or more
5+
contributor license agreements. See the NOTICE file distributed with
6+
this work for additional information regarding copyright ownership.
7+
The ASF licenses this file to You under the Apache License, Version 2.0
8+
(the "License"); you may not use this file except in compliance with
9+
the License. You may obtain a copy of the License at
10+
11+
http://www.apache.org/licenses/LICENSE-2.0
12+
13+
Unless required by applicable law or agreed to in writing, software
14+
distributed under the License is distributed on an "AS IS" BASIS,
15+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16+
See the License for the specific language governing permissions and
17+
limitations under the License.
18+
-->
19+
20+
<!-- WARNING!!! This file is provided for documentation purposes ONLY! -->
21+
<!-- WARNING!!! You should copy to sentry-site.xml and make modification instead. -->
22+
23+
<configuration>
24+
25+
<property>
26+
<name>sentry.verify.schema.version</name>
27+
<value> </value>
28+
<description>
29+
value: true, false
30+
true Sentry store will verify the schema version in backed DB with expected version in jar.
31+
The service won't start if there's a mismatch
32+
</description>
33+
</property>
34+
35+
<property>
36+
<name>sentry.service.server-max-threads</name>
37+
<value> </value>
38+
<description> Number of threads 500 Max worker threads to serve client requests</description>
39+
</property>
40+
41+
<property>
42+
<name>sentry.service.server-min-threads</name>
43+
<value> </value>
44+
<description>Number of threads 10 Min worker threads to serve client requests</description>
45+
</property>
46+
47+
<property>
48+
<name>sentry.service.allow.connect</name>
49+
<value> </value>
50+
<description>comma separated list of users - List of users that are allowed to connect to the service (eg Hive, Impala) </description>
51+
</property>
52+
53+
<property>
54+
<name>sentry.store.jdbc.url</name>
55+
<value> </value>
56+
<description>JDBC connection URL for the backed DB</description>
57+
</property>
58+
59+
<property>
60+
<name>sentry.store.jdbc.user</name>
61+
<value>Setnry</value>
62+
<description>Userid for connecting to backend db </description>
63+
</property>
64+
65+
<property>
66+
<name>sentry.store.jdbc.password</name>
67+
<value>Sentry</value>
68+
<description>Sentry password for backend JDBC user </description>
69+
</property>
70+
71+
<property>
72+
<name>sentry.service.server.keytab</name>
73+
<value></value>
74+
<description>Keytab for service principal</description>
75+
</property>
76+
77+
<property>
78+
<name>sentry.service.server.rpcport</name>
79+
<value>8038</value>
80+
<description> TCP port number for service</description>
81+
</property>
82+
83+
<property>
84+
<name>sentry.service.server.rpcaddress</name>
85+
<value>0.0.0.0</value>
86+
<description> TCP interface for service to bind to</description>
87+
</property>
88+
89+
<property>
90+
<name>sentry.store.jdbc.driver</name>
91+
<value>org.apache.derby.jdbc.EmbeddedDriver</value>
92+
<description>Backend JDBC driver - org.apache.derby.jdbc.EmbeddedDriver (only when dbtype = derby) JDBC Driver class for the backed DB</description>
93+
</property>
94+
95+
<property>
96+
<name>sentry.service.admin.group</name>
97+
<value> </value>
98+
<description>Comma separates list of groups. List of groups allowed to make policy updates</description>
99+
</property>
100+
101+
<property>
102+
<name>sentry.store.group.mapping</name>
103+
<value>org.apache.sentry.provider.common.HadoopGroupMappingService</value>
104+
<description>
105+
Group mapping class for Sentry service. org.apache.sentry.provider.file.LocalGroupMapping service can be used for local group mapping. </description>
106+
</property>
107+
108+
<property>
109+
<name>sentry.store.group.mapping.resource</name>
110+
<value> </value>
111+
<description> Policy file for group mapping. Policy file path for local group mapping, when sentry.store.group.mapping is set to LocalGroupMapping Service class.</description>
112+
</property>
113+
114+
<property>
115+
<name>sentry.service.security.mode</name>
116+
<value>kerberos</value>
117+
<description>Options: kerberos, none. Authentication mode for Sentry service. Currently supports Kerberos and trusted mode </description>
118+
</property>
119+
120+
<property>
121+
<name>sentry.service.server.principal</name>
122+
<value> </value>
123+
<description>Service Kerberos principal</description>
124+
</property>
125+
126+
</configuration>

0 commit comments

Comments
 (0)