You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by sz...@apache.org on 2019/11/25 13:57:42 UTC
[hive] branch master updated (47d3b59 -> 1e09f07)
This is an automated email from the ASF dual-hosted git repository.
szita pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git.
from 47d3b59 HIVE-21917: COMPLETED_TXN_COMPONENTS table is never cleaned up unless Compactor runs (Denys Kuzmenko reviewed by Craig Condit and Peter Vary)
new 2f2c498 Adam llap dev
new 1e09f07 HIVE-22533: Fix possible LLAP daemon web UI vulnerabilities (WIP)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../java/org/apache/hadoop/hive/conf/HiveConf.java | 4 +
.../src/java/org/apache/hive/http/HttpServer.java | 19 +-
data/conf/llap/hive-site.xml | 738 +++++++++++----------
.../llap/daemon/services/impl/LlapWebServices.java | 7 +
.../daemon/services/impl/TestLlapWebServices.java | 39 +-
.../hive/service/server/TestHS2HttpServer.java | 23 +-
6 files changed, 465 insertions(+), 365 deletions(-)
[hive] 02/02: HIVE-22533: Fix possible LLAP daemon web UI
vulnerabilities (WIP)
Posted by sz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
szita pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
commit 1e09f07afc421b3afa3a921a870d69c8b470a356
Author: Adam Szita <sz...@cloudera.com>
AuthorDate: Mon Nov 25 11:10:33 2019 +0100
HIVE-22533: Fix possible LLAP daemon web UI vulnerabilities (WIP)
Change-Id: I72b64f75cc7818b858534a8ce46dd7cad048e8a6
---
.../java/org/apache/hadoop/hive/conf/HiveConf.java | 4 +++
.../src/java/org/apache/hive/http/HttpServer.java | 19 +++++++++--
.../llap/daemon/services/impl/LlapWebServices.java | 7 ++++
.../daemon/services/impl/TestLlapWebServices.java | 39 +++++++++++++++++++---
.../hive/service/server/TestHS2HttpServer.java | 23 ++++++++++---
5 files changed, 81 insertions(+), 11 deletions(-)
diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
index cfc9091..4393a28 100644
--- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
+++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
@@ -4517,6 +4517,10 @@ public class HiveConf extends Configuration {
"llap.daemon.service.port"),
LLAP_DAEMON_WEB_SSL("hive.llap.daemon.web.ssl", false,
"Whether LLAP daemon web UI should use SSL.", "llap.daemon.service.ssl"),
+ LLAP_DAEMON_WEB_XFRAME_ENABLED("hive.llap.daemon.web.xframe.enabled", true,
+ "Whether to enable xframe on LLAP daemon webUI\n"),
+ LLAP_DAEMON_WEB_XFRAME_VALUE("hive.llap.daemon.web.xframe.value", "SAMEORIGIN",
+ "Configuration to allow the user to set the x_frame-options value\n"),
LLAP_CLIENT_CONSISTENT_SPLITS("hive.llap.client.consistent.splits", true,
"Whether to setup split locations to match nodes on which llap daemons are running, " +
"instead of using the locations provided by the split itself. If there is no llap daemon " +
diff --git a/common/src/java/org/apache/hive/http/HttpServer.java b/common/src/java/org/apache/hive/http/HttpServer.java
index b3ce8da..52253f9 100644
--- a/common/src/java/org/apache/hive/http/HttpServer.java
+++ b/common/src/java/org/apache/hive/http/HttpServer.java
@@ -169,6 +169,7 @@ public class HttpServer {
private XFrameOption xFrameOption = XFrameOption.SAMEORIGIN;
private final List<Pair<String, Class<? extends HttpServlet>>> servlets =
new LinkedList<Pair<String, Class<? extends HttpServlet>>>();
+ private boolean disableDirListing = false;
public Builder(String name) {
Preconditions.checkArgument(name != null && !name.isEmpty(), "Name must be specified");
@@ -304,6 +305,10 @@ public class HttpServer {
this.xFrameOption = XFrameOption.getEnum(option);
return this;
}
+
+ public void setDisableDirListing(boolean disableDirListing) {
+ this.disableDirListing = disableDirListing;
+ }
}
public void start() throws Exception {
@@ -577,10 +582,14 @@ public class HttpServer {
}
Map<String, String> xFrameParams = setHeaders();
- if(b.xFrameEnabled){
+ if (b.xFrameEnabled) {
setupXframeFilter(b,xFrameParams);
}
+ if (b.disableDirListing) {
+ disableDirectoryListingOnServlet(webAppContext);
+ }
+
initializeWebServer(b, threadPool.getMaxThreads());
}
@@ -611,7 +620,7 @@ public class HttpServer {
webServer.setHandler(contexts);
- if(b.usePAM){
+ if (b.usePAM) {
setupPam(b, contexts);
}
@@ -646,6 +655,7 @@ public class HttpServer {
staticCtx.setResourceBase(appDir + "/static");
staticCtx.addServlet(DefaultServlet.class, "/*");
staticCtx.setDisplayName("static");
+ disableDirectoryListingOnServlet(staticCtx);
String logDir = getLogDir(b.conf);
if (logDir != null) {
@@ -749,6 +759,11 @@ public class HttpServer {
webAppContext.addServlet(holder, pathSpec);
}
+
+ private static void disableDirectoryListingOnServlet(ServletContextHandler contextHandler) {
+ contextHandler.setInitParameter("org.eclipse.jetty.servlet.Default.dirAllowed", "false");
+ }
+
/**
* The X-FRAME-OPTIONS header in HTTP response to mitigate clickjacking
* attack.
diff --git a/llap-server/src/java/org/apache/hadoop/hive/llap/daemon/services/impl/LlapWebServices.java b/llap-server/src/java/org/apache/hadoop/hive/llap/daemon/services/impl/LlapWebServices.java
index 3c124f9..59bdf53 100644
--- a/llap-server/src/java/org/apache/hadoop/hive/llap/daemon/services/impl/LlapWebServices.java
+++ b/llap-server/src/java/org/apache/hadoop/hive/llap/daemon/services/impl/LlapWebServices.java
@@ -83,6 +83,13 @@ public class LlapWebServices extends AbstractService {
HttpServer.Builder builder =
new HttpServer.Builder("llap").setPort(this.port).setHost(bindAddress);
builder.setConf(new HiveConf(conf, HiveConf.class));
+ builder.setDisableDirListing(true);
+ if (conf.getBoolean(ConfVars.LLAP_DAEMON_WEB_XFRAME_ENABLED.varname,
+ ConfVars.LLAP_DAEMON_WEB_XFRAME_ENABLED.defaultBoolVal)) {
+ builder.configureXFrame(true).setXFrameOption(
+ conf.get(ConfVars.LLAP_DAEMON_WEB_XFRAME_VALUE.varname,
+ ConfVars.LLAP_DAEMON_WEB_XFRAME_VALUE.defaultStrVal));
+ }
if (UserGroupInformation.isSecurityEnabled()) {
LOG.info("LLAP UI useSSL=" + this.useSSL + ", auto-auth/SPNEGO="
+ this.useSPNEGO + ", port=" + this.port);
diff --git a/llap-server/src/test/org/apache/hadoop/hive/llap/daemon/services/impl/TestLlapWebServices.java b/llap-server/src/test/org/apache/hadoop/hive/llap/daemon/services/impl/TestLlapWebServices.java
index 698a56e..5df6ea8 100644
--- a/llap-server/src/test/org/apache/hadoop/hive/llap/daemon/services/impl/TestLlapWebServices.java
+++ b/llap-server/src/test/org/apache/hadoop/hive/llap/daemon/services/impl/TestLlapWebServices.java
@@ -27,6 +27,12 @@ import java.io.StringWriter;
import java.net.HttpURLConnection;
import java.net.URL;
+import com.google.common.collect.ImmutableSet;
+
+import static java.net.HttpURLConnection.HTTP_FORBIDDEN;
+import static java.net.HttpURLConnection.HTTP_OK;
+import static org.junit.Assert.assertNotNull;
+
public class TestLlapWebServices {
private static LlapWebServices llapWS = null;
@@ -45,18 +51,43 @@ public class TestLlapWebServices {
@Test
public void testContextRootUrlRewrite() throws Exception {
String contextRootURL = "http://localhost:" + llapWSPort + "/";
- String contextRootContent = getURLResponseAsString(contextRootURL);
+ String contextRootContent = getURLResponseAsString(contextRootURL, HTTP_OK);
String indexHtmlUrl = "http://localhost:" + llapWSPort + "/index.html";
- String indexHtmlContent = getURLResponseAsString(indexHtmlUrl);
+ String indexHtmlContent = getURLResponseAsString(indexHtmlUrl, HTTP_OK);
Assert.assertEquals(contextRootContent, indexHtmlContent);
}
- private String getURLResponseAsString(String baseURL) throws IOException {
+ @Test
+ public void testDirListingDisabled() throws Exception {
+ for (String folder : ImmutableSet.of("images", "js", "css")) {
+ String url = "http://localhost:" + llapWSPort + "/" + folder;
+ getURLResponseAsString(url, HTTP_FORBIDDEN);
+ }
+ }
+
+ @Test
+ public void testBaseUrlResponseHeader() throws Exception{
+ String baseURL = "http://localhost:" + llapWSPort + "/";
+ URL url = new URL(baseURL);
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ String xfoHeader = conn.getHeaderField("X-FRAME-OPTIONS");
+ String xXSSProtectionHeader = conn.getHeaderField("X-XSS-Protection");
+ String xContentTypeHeader = conn.getHeaderField("X-Content-Type-Options");
+ assertNotNull(xfoHeader);
+ assertNotNull(xXSSProtectionHeader);
+ assertNotNull(xContentTypeHeader);
+ }
+
+ private static String getURLResponseAsString(String baseURL, int expectedStatus)
+ throws IOException {
URL url = new URL(baseURL);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(expectedStatus, conn.getResponseCode());
+ if (expectedStatus != HTTP_OK) {
+ return null;
+ }
StringWriter writer = new StringWriter();
IOUtils.copy(conn.getInputStream(), writer, "UTF-8");
return writer.toString();
diff --git a/service/src/test/org/apache/hive/service/server/TestHS2HttpServer.java b/service/src/test/org/apache/hive/service/server/TestHS2HttpServer.java
index 3047443..6c50e81 100644
--- a/service/src/test/org/apache/hive/service/server/TestHS2HttpServer.java
+++ b/service/src/test/org/apache/hive/service/server/TestHS2HttpServer.java
@@ -20,6 +20,7 @@ package org.apache.hive.service.server;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
+
import org.apache.commons.io.IOUtils;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hadoop.hive.conf.HiveConf.ConfVars;
@@ -50,6 +51,8 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
+import static java.net.HttpURLConnection.HTTP_FORBIDDEN;
+import static java.net.HttpURLConnection.HTTP_OK;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
@@ -110,7 +113,7 @@ public class TestHS2HttpServer {
String baseURL = "http://localhost:" + webUIPort + "/stacks";
URL url = new URL(baseURL);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(HTTP_OK, conn.getResponseCode());
BufferedReader reader =
new BufferedReader(new InputStreamReader(conn.getInputStream()));
boolean contents = false;
@@ -136,17 +139,27 @@ public class TestHS2HttpServer {
assertNotNull(xContentTypeHeader);
}
- private BufferedReader getReaderForUrl(String urlString) throws Exception {
+ @Test
+ public void testDirListingDisabledOnStaticServlet() throws Exception {
+ String url = "http://localhost:" + webUIPort + "/static";
+ getReaderForUrl(url, HTTP_FORBIDDEN);
+ }
+
+ private BufferedReader getReaderForUrl(String urlString, int expectedStatus) throws Exception {
URL url = new URL(urlString);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals(expectedStatus, conn.getResponseCode());
+ if (expectedStatus != HTTP_OK) {
+ return null;
+ }
+
BufferedReader reader =
new BufferedReader(new InputStreamReader(conn.getInputStream()));
return reader;
}
private String readFromUrl(String urlString) throws Exception {
- BufferedReader reader = getReaderForUrl(urlString);
+ BufferedReader reader = getReaderForUrl(urlString, HTTP_OK);
StringBuilder response = new StringBuilder();
String inputLine;
@@ -306,7 +319,7 @@ public class TestHS2HttpServer {
private String getURLResponseAsString(String baseURL) throws IOException {
URL url = new URL(baseURL);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals("Got an HTTP response code other thank OK.", HttpURLConnection.HTTP_OK, conn.getResponseCode());
+ Assert.assertEquals("Got an HTTP response code other thank OK.", HTTP_OK, conn.getResponseCode());
StringWriter writer = new StringWriter();
IOUtils.copy(conn.getInputStream(), writer, "UTF-8");
return writer.toString();
[hive] 01/02: Adam llap dev
Posted by sz...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
szita pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git
commit 2f2c4988ff3ccf92b78b0a8f9c0890d951309f21
Author: Adam Szita <sz...@cloudera.com>
AuthorDate: Thu Oct 31 11:08:17 2019 +0100
Adam llap dev
Change-Id: Ia14d2f0ad904de1d754e6b919954439e433e16db
---
data/conf/llap/hive-site.xml | 738 ++++++++++++++++++++++---------------------
1 file changed, 384 insertions(+), 354 deletions(-)
diff --git a/data/conf/llap/hive-site.xml b/data/conf/llap/hive-site.xml
index 0c5d030..3db7ea7 100644
--- a/data/conf/llap/hive-site.xml
+++ b/data/conf/llap/hive-site.xml
@@ -19,358 +19,388 @@
<configuration>
-<property>
- <name>hive.in.test</name>
- <value>true</value>
- <description>Internal marker for test. Used for masking env-dependent values</description>
-</property>
-
-<!-- Hive Configuration can either be stored in this file or in the hadoop configuration files -->
-<!-- that are implied by Hadoop setup variables. -->
-<!-- Aside from Hadoop setup variables - this file is provided as a convenience so that Hive -->
-<!-- users do not have to edit hadoop configuration files (that may be managed as a centralized -->
-<!-- resource). -->
-
-<!-- Hive Execution Parameters -->
-<property>
- <name>hadoop.tmp.dir</name>
- <value>${test.tmp.dir}/hadoop-tmp</value>
- <description>A base for other temporary directories.</description>
-</property>
-
-<property>
- <name>hive.tez.container.size</name>
- <value>128</value>
- <description></description>
-</property>
-
-<property>
- <name>hive.stats.fetch.column.stats</name>
- <value>true</value>
- <description>Use column stats to annotate stats for physical optimization phase</description>
-</property>
-
-<property>
- <name>hive.merge.tezfiles</name>
- <value>false</value>
- <description>Merge small files at the end of a Tez DAG</description>
-</property>
-
-<property>
- <name>hive.tez.input.format</name>
- <value>org.apache.hadoop.hive.ql.io.HiveInputFormat</value>
- <description>The default input format for tez. Tez groups splits in the AM.</description>
-</property>
-
-<property>
- <name>hive.exec.scratchdir</name>
- <value>${test.tmp.dir}/scratchdir</value>
- <description>Scratch space for Hive jobs</description>
-</property>
-
-<property>
- <name>hive.exec.local.scratchdir</name>
- <value>${test.tmp.dir}/localscratchdir/</value>
- <description>Local scratch space for Hive jobs</description>
-</property>
-
-<property>
- <name>datanucleus.schema.autoCreateAll</name>
- <value>true</value>
-</property>
-
-<property>
- <name>datanucleus.connectionPool.maxPoolSize</name>
- <value>4</value>
-</property>
-
-<property>
- <name>hive.metastore.schema.verification</name>
- <value>false</value>
-</property>
-
-<property>
- <name>javax.jdo.option.ConnectionURL</name>
- <value>jdbc:derby:memory:${test.tmp.dir}/junit_metastore_db;create=true</value>
-</property>
-
-<property>
- <name>javax.jdo.option.ConnectionDriverName</name>
- <value>org.apache.derby.jdbc.EmbeddedDriver</value>
-</property>
-
-<property>
- <name>javax.jdo.option.ConnectionUserName</name>
- <value>APP</value>
-</property>
-
-<property>
- <name>javax.jdo.option.ConnectionPassword</name>
- <value>mine</value>
-</property>
-
-<property>
- <!-- this should eventually be deprecated since the metastore should supply this -->
- <name>hive.metastore.warehouse.dir</name>
- <value>${test.warehouse.dir}</value>
- <description></description>
-</property>
-
-<property>
- <name>hive.metastore.metadb.dir</name>
- <value>file://${test.tmp.dir}/metadb/</value>
- <description>
- Required by metastore server or if the uris argument below is not supplied
- </description>
-</property>
-
-<property>
- <name>test.log.dir</name>
- <value>${test.tmp.dir}/log/</value>
- <description></description>
-</property>
-
-<property>
- <name>test.data.files</name>
- <value>${hive.root}/data/files</value>
- <description></description>
-</property>
-
-<property>
- <name>test.data.scripts</name>
- <value>${hive.root}/data/scripts</value>
- <description></description>
-</property>
-
-<property>
- <name>hive.jar.path</name>
- <value>${maven.local.repository}/org/apache/hive/hive-exec/${hive.version}/hive-exec-${hive.version}.jar</value>
- <description></description>
-</property>
-
-<property>
- <name>hive.metastore.rawstore.impl</name>
- <value>org.apache.hadoop.hive.metastore.ObjectStore</value>
- <description>Name of the class that implements org.apache.hadoop.hive.metastore.rawstore interface. This class is used to store and retrieval of raw metadata objects such as table, database</description>
-</property>
-
-<property>
- <name>hive.querylog.location</name>
- <value>${test.tmp.dir}/tmp</value>
- <description>Location of the structured hive logs</description>
-</property>
-
-<property>
- <name>hive.exec.pre.hooks</name>
- <value>org.apache.hadoop.hive.ql.hooks.PreExecutePrinter, org.apache.hadoop.hive.ql.hooks.EnforceReadOnlyTables</value>
- <description>Pre Execute Hook for Tests</description>
-</property>
-
-<property>
- <name>hive.exec.post.hooks</name>
- <value>org.apache.hadoop.hive.ql.hooks.PostExecutePrinter, org.apache.hadoop.hive.ql.hooks.RuntimeStatsPersistenceCheckerHook, org.apache.hadoop.hive.ql.hooks.NoOperatorReuseCheckerHook</value>
- <description>Post Execute Hook for Tests</description>
-</property>
-
-<property>
- <name>hive.support.concurrency</name>
- <value>false</value>
- <description>Whether hive supports concurrency or not. A zookeeper instance must be up and running for the default hive lock manager to support read-write locks.</description>
-</property>
-
-<property>
- <name>fs.pfile.impl</name>
- <value>org.apache.hadoop.fs.ProxyLocalFileSystem</value>
- <description>A proxy for local file system used for cross file system testing</description>
-</property>
-
-<property>
- <name>hive.exec.mode.local.auto</name>
- <value>false</value>
- <description>
- Let hive determine whether to run in local mode automatically
- Disabling this for tests so that minimr is not affected
- </description>
-</property>
-
-<property>
- <name>hive.auto.convert.join</name>
- <value>false</value>
- <description>Whether Hive enable the optimization about converting common join into mapjoin based on the input file size</description>
-</property>
-
-<property>
- <name>hive.ignore.mapjoin.hint</name>
- <value>true</value>
- <description>Whether Hive ignores the mapjoin hint</description>
-</property>
-
-<property>
- <name>io.sort.mb</name>
- <value>10</value>
-</property>
-
-<property>
- <name>hive.input.format</name>
- <value>org.apache.hadoop.hive.ql.io.CombineHiveInputFormat</value>
- <description>The default input format, if it is not specified, the system assigns it. It is set to HiveInputFormat for hadoop versions 17, 18 and 19, whereas it is set to CombineHiveInputFormat for hadoop 20. The user can always overwrite it - if there is a bug in CombineHiveInputFormat, it can always be manually set to HiveInputFormat. </description>
-</property>
-
-<property>
- <name>hive.default.rcfile.serde</name>
- <value>org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe</value>
- <description>The default SerDe hive will use for the rcfile format</description>
-</property>
-
-<property>
- <name>hive.stats.dbclass</name>
- <value>fs</value>
- <description>The default storatge that stores temporary hive statistics. Currently, fs type is supported</description>
-</property>
-
-<property>
- <name>hive.execution.engine</name>
- <value>tez</value>
- <description>Whether to use MR or Tez</description>
-</property>
-
-<property>
- <name>tez.am.node-blacklisting.enabled</name>
- <value>false</value>
-</property>
-
-<property>
- <name>hive.prewarm.enabled</name>
- <value>false</value>
- <description>
- Enables container prewarm for tez (hadoop 2 only)
- </description>
-</property>
-<property>
- <name>hive.in.tez.test</name>
- <value>true</value>
- <description>
- Indicates that we are in tez testing mode.
- </description>
-</property>
-
-<property>
- <name>hive.execution.mode</name>
- <value>llap</value>
-</property>
-
-<!--property>
- This is determined by the cluster type, and is set in code - HadoopShims, etc.
- <name>hive.llap.execution.mode</name>
- <value>all</value>
-</property-->
-
-<property>
- <name>hive.tez.java.opts</name>
- <value> -Dlog4j.configurationFile=tez-container-log4j2.properties -Dtez.container.log.level=INFO -Dtez.container.root.logger=CLA </value>
-</property>
-
-<property>
- <name>tez.am.launch.cmd-opts</name>
- <value> -Dlog4j.configurationFile=tez-container-log4j2.properties -Dtez.container.log.level=INFO -Dtez.container.root.logger=CLA </value>
-</property>
-
-<property>
- <name>hive.llap.cache.allow.synthetic.fileid</name>
- <value>true</value>
-</property>
-
-<property>
- <name>hive.llap.io.allocator.direct</name>
- <value>false</value>
-</property>
-
-<property>
- <name>hive.explain.user</name>
- <value>false</value>
-</property>
-
-<property>
- <name>hive.join.inner.residual</name>
- <value>true</value>
-</property>
-
-<!-- llap properties -->
-
-<property>
- <name>hive.llap.daemon.service.hosts</name>
- <value>localhost</value>
-</property>
-
-<property>
- <name>hive.llap.daemon.service.port</name>
- <value>0</value>
-</property>
-
-<property>
- <name>hive.llap.daemon.num.executors</name>
- <value>4</value>
-</property>
-
-<property>
- <name>hive.llap.daemon.task.scheduler.wait.queue.size</name>
- <value>4</value>
-</property>
-
-<property>
- <name>hive.llap.cache.allow.synthetic.fileid</name>
- <value>true</value>
-</property>
-
-<!-- hadoop IPC options -->
-<property>
- <name>ipc.client.low-latency</name>
- <value>true</value>
- <description> </description>
-</property>
-<property>
- <name>ipc.client.tcpnodelay</name>
- <value>true</value>
- <description> </description>
-</property>
-<property>
- <name>ipc.clients-per-factory</name>
- <value>4</value>
- <description> </description>
-</property>
-<property>
- <name>hive.stats.fetch.bitvector</name>
- <value>true</value>
-</property>
-
-<property>
- <name>hive.tez.cartesian-product.enabled</name>
- <value>true</value>
-</property>
-
-<property>
- <name>yarn.nodemanager.disk-health-checker.max-disk-utilization-per-disk-percentage</name>
- <value>99</value>
-</property>
-
-<property>
- <name>hive.query.results.cache.enabled</name>
- <value>false</value>
-</property>
-
-<property>
- <name>tez.counters.max</name>
- <value>1024</value>
-</property>
-
-<property>
- <name>hive.query.reexecution.stats.persist.scope</name>
- <value>query</value>
-</property>
-
-<property>
- <name>hive.semantic.analyzer.hook</name>
- <value>org.apache.hadoop.hive.ql.hooks.ScheduledQueryCreationRegistryHook</value>
-</property>
-
+ <property>
+ <name>hive.in.test</name>
+ <value>true</value>
+ <description>Internal marker for test. Used for masking env-dependent values</description>
+ </property>
+
+ <!-- Hive Configuration can either be stored in this file or in the hadoop configuration files -->
+ <!-- that are implied by Hadoop setup variables. -->
+ <!-- Aside from Hadoop setup variables - this file is provided as a convenience so that Hive -->
+ <!-- users do not have to edit hadoop configuration files (that may be managed as a centralized -->
+ <!-- resource). -->
+
+ <!-- Hive Execution Parameters -->
+ <property>
+ <name>hadoop.tmp.dir</name>
+ <value>${test.tmp.dir}/hadoop-tmp</value>
+ <description>A base for other temporary directories.</description>
+ </property>
+
+ <property>
+ <name>hive.tez.container.size</name>
+ <value>128</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>hive.stats.fetch.column.stats</name>
+ <value>true</value>
+ <description>Use column stats to annotate stats for physical optimization phase</description>
+ </property>
+
+ <property>
+ <name>hive.merge.tezfiles</name>
+ <value>false</value>
+ <description>Merge small files at the end of a Tez DAG</description>
+ </property>
+
+ <property>
+ <name>hive.tez.input.format</name>
+ <value>org.apache.hadoop.hive.ql.io.HiveInputFormat</value>
+ <description>The default input format for tez. Tez groups splits in the AM.</description>
+ </property>
+
+ <property>
+ <name>hive.exec.scratchdir</name>
+ <value>${test.tmp.dir}/scratchdir</value>
+ <description>Scratch space for Hive jobs</description>
+ </property>
+
+ <property>
+ <name>hive.exec.local.scratchdir</name>
+ <value>${test.tmp.dir}/localscratchdir/</value>
+ <description>Local scratch space for Hive jobs</description>
+ </property>
+
+ <property>
+ <name>datanucleus.schema.autoCreateAll</name>
+ <value>true</value>
+ </property>
+
+ <property>
+ <name>hive.metastore.schema.verification</name>
+ <value>false</value>
+ </property>
+
+ <property>
+ <name>javax.jdo.option.ConnectionURL</name>
+ <value>jdbc:derby:;databaseName=/Users/szita/data/hive3/junit_metastore_db;create=true</value>
+ </property>
+
+ <property>
+ <name>javax.jdo.option.ConnectionDriverName</name>
+ <value>org.apache.derby.jdbc.EmbeddedDriver</value>
+ </property>
+
+ <property>
+ <name>javax.jdo.option.ConnectionUserName</name>
+ <value>APP</value>
+ </property>
+
+ <property>
+ <name>javax.jdo.option.ConnectionPassword</name>
+ <value>mine</value>
+ </property>
+
+ <property>
+ <!-- this should eventually be deprecated since the metastore should supply this -->
+ <name>hive.metastore.warehouse.dir</name>
+ <value>${test.warehouse.dir}</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>hive.metastore.metadb.dir</name>
+ <value>file://${test.tmp.dir}/metadb/</value>
+ <description>
+ Required by metastore server or if the uris argument below is not supplied
+ </description>
+ </property>
+
+ <property>
+ <name>test.log.dir</name>
+ <value>${test.tmp.dir}/log/</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>test.data.files</name>
+ <value>${hive.root}/data/files</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>test.data.scripts</name>
+ <value>${hive.root}/data/scripts</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>hive.jar.path</name>
+ <value>${maven.local.repository}/org/apache/hive/hive-exec/${hive.version}/hive-exec-${hive.version}.jar</value>
+ <description></description>
+ </property>
+
+ <property>
+ <name>hive.metastore.rawstore.impl</name>
+ <value>org.apache.hadoop.hive.metastore.ObjectStore</value>
+ <description>Name of the class that implements org.apache.hadoop.hive.metastore.rawstore interface. This class is used to store and retrieval of raw metadata objects such as table, database</description>
+ </property>
+
+ <property>
+ <name>hive.querylog.location</name>
+ <value>${test.tmp.dir}/tmp</value>
+ <description>Location of the structured hive logs</description>
+ </property>
+
+ <property>
+ <name>hive.exec.pre.hooks</name>
+ <value>org.apache.hadoop.hive.ql.hooks.PreExecutePrinter, org.apache.hadoop.hive.ql.hooks.EnforceReadOnlyTables</value>
+ <description>Pre Execute Hook for Tests</description>
+ </property>
+
+ <property>
+ <name>hive.exec.post.hooks</name>
+ <value>org.apache.hadoop.hive.ql.hooks.PostExecutePrinter, org.apache.hadoop.hive.ql.hooks.RuntimeStatsPersistenceCheckerHook, org.apache.hadoop.hive.ql.hooks.NoOperatorReuseCheckerHook</value>
+ <description>Post Execute Hook for Tests</description>
+ </property>
+
+ <property>
+ <name>hive.support.concurrency</name>
+ <value>false</value>
+ <description>Whether hive supports concurrency or not. A zookeeper instance must be up and running for the default hive lock manager to support read-write locks.</description>
+ </property>
+
+ <property>
+ <name>fs.pfile.impl</name>
+ <value>org.apache.hadoop.fs.ProxyLocalFileSystem</value>
+ <description>A proxy for local file system used for cross file system testing</description>
+ </property>
+
+ <property>
+ <name>hive.exec.mode.local.auto</name>
+ <value>false</value>
+ <description>
+ Let hive determine whether to run in local mode automatically
+ Disabling this for tests so that minimr is not affected
+ </description>
+ </property>
+
+ <property>
+ <name>hive.auto.convert.join</name>
+ <value>false</value>
+ <description>Whether Hive enable the optimization about converting common join into mapjoin based on the input file size</description>
+ </property>
+
+ <property>
+ <name>hive.ignore.mapjoin.hint</name>
+ <value>true</value>
+ <description>Whether Hive ignores the mapjoin hint</description>
+ </property>
+
+ <property>
+ <name>io.sort.mb</name>
+ <value>10</value>
+ </property>
+
+ <property>
+ <name>hive.input.format</name>
+ <value>org.apache.hadoop.hive.ql.io.CombineHiveInputFormat</value>
+ <description>The default input format, if it is not specified, the system assigns it. It is set to HiveInputFormat for hadoop versions 17, 18 and 19, whereas it is set to CombineHiveInputFormat for hadoop 20. The user can always overwrite it - if there is a bug in CombineHiveInputFormat, it can always be manually set to HiveInputFormat. </description>
+ </property>
+
+ <property>
+ <name>hive.default.rcfile.serde</name>
+ <value>org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe</value>
+ <description>The default SerDe hive will use for the rcfile format</description>
+ </property>
+
+ <property>
+ <name>hive.stats.dbclass</name>
+ <value>fs</value>
+ <description>The default storatge that stores temporary hive statistics. Currently, fs type is supported</description>
+ </property>
+
+ <property>
+ <name>hive.execution.engine</name>
+ <value>tez</value>
+ <description>Whether to use MR or Tez</description>
+ </property>
+
+ <property>
+ <name>tez.am.node-blacklisting.enabled</name>
+ <value>false</value>
+ </property>
+
+ <property>
+ <name>hive.prewarm.enabled</name>
+ <value>false</value>
+ <description>
+ Enables container prewarm for tez (hadoop 2 only)
+ </description>
+ </property>
+ <property>
+ <name>hive.in.tez.test</name>
+ <value>true</value>
+ <description>
+ Indicates that we are in tez testing mode.
+ </description>
+ </property>
+
+ <property>
+ <name>hive.execution.mode</name>
+ <value>llap</value>
+ </property>
+
+ <!--property>
+ This is determined by the cluster type, and is set in code - HadoopShims, etc.
+ <name>hive.llap.execution.mode</name>
+ <value>all</value>
+ </property-->
+
+ <property>
+ <name>hive.tez.java.opts</name>
+ <value> -Dlog4j.configurationFile=tez-container-log4j2.properties -Dtez.container.log.level=INFO -Dtez.container.root.logger=CLA </value>
+ </property>
+
+ <property>
+ <name>tez.am.launch.cmd-opts</name>
+ <value> -Dlog4j.configurationFile=tez-container-log4j2.properties -Dtez.container.log.level=INFO -Dtez.container.root.logger=CLA </value>
+ </property>
+
+ <property>
+ <name>hive.llap.cache.allow.synthetic.fileid</name>
+ <value>true</value>
+ </property>
+
+ <property>
+ <name>hive.llap.io.allocator.direct</name>
+ <value>false</value>
+ </property>
+
+ <property>
+ <name>hive.explain.user</name>
+ <value>false</value>
+ </property>
+
+ <property>
+ <name>hive.join.inner.residual</name>
+ <value>true</value>
+ </property>
+
+ <!-- llap properties -->
+
+ <property>
+ <name>hive.llap.daemon.service.hosts</name>
+ <value>localhost</value>
+ </property>
+
+ <property>
+ <name>hive.llap.daemon.service.port</name>
+ <value>0</value>
+ </property>
+
+ <property>
+ <name>hive.llap.daemon.num.executors</name>
+ <value>4</value>
+ </property>
+
+ <property>
+ <name>hive.llap.daemon.task.scheduler.wait.queue.size</name>
+ <value>4</value>
+ </property>
+
+ <property>
+ <name>hive.llap.cache.allow.synthetic.fileid</name>
+ <value>true</value>
+ </property>
+
+ <!-- hadoop IPC options -->
+ <property>
+ <name>ipc.client.low-latency</name>
+ <value>true</value>
+ <description> </description>
+ </property>
+ <property>
+ <name>ipc.client.tcpnodelay</name>
+ <value>true</value>
+ <description> </description>
+ </property>
+ <property>
+ <name>ipc.clients-per-factory</name>
+ <value>4</value>
+ <description> </description>
+ </property>
+ <property>
+ <name>hive.stats.fetch.bitvector</name>
+ <value>true</value>
+ </property>
+
+ <property>
+ <name>hive.tez.cartesian-product.enabled</name>
+ <value>true</value>
+ </property>
+
+ <property>
+ <name>yarn.nodemanager.disk-health-checker.max-disk-utilization-per-disk-percentage</name>
+ <value>99</value>
+ </property>
+
+ <property>
+ <name>hive.query.results.cache.enabled</name>
+ <value>false</value>
+ </property>
+
+ <property>
+ <name>tez.counters.max</name>
+ <value>1024</value>
+ </property>
+
+ <property>
+ <name>hive.query.reexecution.stats.persist.scope</name>
+ <value>query</value>
+ </property>
+
+ <property>
+ <name>hive.semantic.analyzer.hook</name>
+ <value>org.apache.hadoop.hive.ql.hooks.ScheduledQueryCreationRegistryHook</value>
+ </property>
+
+ <property>
+ <name>hive.llap.daemon.web.port</name>
+ <value>25002</value>
+ </property>
+ <property>
+ <name>hive.llap.io.memory.size</name>
+ <value>1024Mb</value>
+ </property>
+ <property>
+ <name>tez.grouping.max-size</name>
+ <value>512000000</value>
+ </property>
+
+ <property>
+ <name>tez.grouping.min-size</name>
+ <value>1024</value>
+ </property>
+
+ <property>
+ <name>mapreduce.input.fileinputformat.split.maxsize</name>
+ <value>40</value>
+ </property>
+
+ <property>
+ <name>mapreduce.input.fileinputformat.split.minsize</name>
+ <value>40</value>
+ </property>
+ <property>
+ <name>tez.am.launch.cmd-opts</name>
+ <value>-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5006,quiet=y</value>
+ </property>
+ <!--<property>-->
+ <!--<name>hive.llap.io.threadpool.size</name>-->
+ <!--<value>1</value>-->
+ <!--</property>-->
</configuration>