Wednesday, 2 December 2015

Apache Sentry configuration on MapR Hadoop



Step 1) Add the following properties to hive-site.xml

[root@mfs021 ~]# vim /opt/mapr/hive/hive-0.13/conf/hive-site.xml

<property>
  <name>hive.server2.session.hook</name>
  <value>org.apache.sentry.binding.hive.HiveAuthzBindingSessionHook</value>
</property>

<property>
  <name>hive.sentry.conf.url</name>
  <value>file:///opt/mapr/sentry/sentry-1.4.0/conf/sentry-site.xml</value>
</property>

<property>
  <name>hive.security.authorization.task.factory</name>
  <value>org.apache.sentry.binding.hive.SentryHiveAuthorizationTaskFactoryImpl</value>
</property>

<property>
  <name>hive.metastore.execute.setugi</name>
  <value>true</value>
</property>

Step 2) Add the following properties to sentry-site.xml

[root@mfs021 ~]# vim /opt/mapr/sentry/sentry-1.4.0/conf/sentry-site.xml


<property>
  <name>sentry.hive.provider.backend</name>
  <value>org.apache.sentry.provider.file.SimpleFileProviderBackend</value>
</property>

<property>
  <name>sentry.hive.provider.resource</name>
  <value>file:///opt/mapr/sentry/sentry-1.4.0/conf/global-policy.ini</value>
</property>

Step 3) Add the following group and role mappings to global-policy.ini

[root@mfs021 ~]# vim /opt/mapr/sentry/sentry-1.4.0/conf/global-policy.ini

[groups]
mapr = admin_role
sentry_user = user_role

[roles]
admin_role = server=HS2
user_role = server=HS2->db=default->table=*->action=Select


Step 4) Add the group and a user that belongs to it

groupadd sentry_user
useradd -G sentry_user sentry_user1


Step 5) Check your configuration




[mapr@maprdemo ~]$ /opt/mapr/hive/hive-0.13/bin/beeline
beeline> !connect jdbc:hive2://localhost:10000
scan complete in 4ms
Connecting to jdbc:hive2://localhost:10000
Enter username for jdbc:hive2://localhost:10000: sentry_user1
Enter password for jdbc:hive2://localhost:10000: *
Connected to: Apache Hive (version 0.13.0-mapr-1510)
Driver: Hive JDBC (version 0.13.0-mapr-1510)
Transaction isolation: TRANSACTION_REPEATABLE_READ
0: jdbc:hive2://localhost:10000> show tables;
+-----------+
| tab_name  |
+-----------+
+-----------+
No rows selected (0.409 seconds)
0: jdbc:hive2://localhost:10000> create table xyz(id int);
Error: Error while compiling statement: FAILED: SemanticException No valid privileges
 Required privileges for this query: Server=HS2->Db=default->action=*; (state=42000,code=40000)
0: jdbc:hive2://localhost:10000> show tables;
+-----------+
| tab_name  |
+-----------+
| mno       |
+-----------+
1 row selected (0.346 seconds)
0: jdbc:hive2://localhost:10000> drop table mno;
Error: Error while compiling statement: FAILED: SemanticException No valid privileges
 Required privileges for this query: Server=HS2->Db=default->Table=mno->action=*; (state=42000,code=40000)
0: jdbc:hive2://localhost:10000> select * from mno;
+---------+
| mno.id  |
+---------+
+---------+
No rows selected (0.616 seconds)
0: jdbc:hive2://localhost:10000>
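To see why the session above allows select but rejects create table and drop table, the following added example (not part of the original post and not Sentry's own code) evaluates the global-policy.ini from Step 3 with a simplified model of hierarchical privilege matching. The function names and the select request string are assumptions made for illustration.

```python
# Added example: simplified model of hierarchical privilege matching (not Sentry's code).
POLICY = """\
[groups]
mapr = admin_role
sentry_user = user_role

[roles]
admin_role = server=HS2
user_role = server=HS2->db=default->table=*->action=Select
"""
WILDCARDS = {"*", "all"}

def parse_policy(text):
    """Return {'groups': {group: [roles]}, 'roles': {role: [privileges]}}."""
    policy, section = {"groups": {}, "roles": {}}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section in policy:
            name, _, value = line.partition("=")  # split on the first '=' only
            policy[section][name.strip()] = [v.strip() for v in value.split(",") if v.strip()]
    return policy

def parts(privilege):
    """'server=HS2->db=default' -> [('server', 'hs2'), ('db', 'default')]."""
    pairs = (p.partition("=") for p in privilege.split("->"))
    return [(k.strip().lower(), v.strip().lower()) for k, _, v in pairs]

def implies(granted, requested):
    g, r = parts(granted), parts(requested)
    for i, (rk, rv) in enumerate(r):
        if i >= len(g):
            return True  # a shorter grant covers everything beneath it
        gk, gv = g[i]
        if gk != rk or (gv not in WILDCARDS and gv != rv):
            return False
    # Grant is longer than the request: only wildcards may remain.
    return all(gv in WILDCARDS for _, gv in g[len(r):])

def is_allowed(policy, group, requested):
    roles = policy["groups"].get(group, [])
    return any(implies(p, requested) for role in roles for p in policy["roles"].get(role, []))

if __name__ == "__main__":
    for action in ("select", "*"):  # constructed request strings in the page's error format
        req = "Server=HS2->Db=default->Table=mno->action=" + action
        print(req, "->", is_allowed(parse_policy(POLICY), "sentry_user", req))
```

In this model user_role covers only select on tables in the default database, so the two "Required privileges" strings from the error messages are not implied, while admin_role (server=HS2) implies every request on that server.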

