You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by dz...@apache.org on 2022/02/22 09:55:55 UTC

[drill-site] branch master updated: Update docs about security.user.admins system opts.

This is an automated email from the ASF dual-hosted git repository.

dzamo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/drill-site.git


The following commit(s) were added to refs/heads/master by this push:
     new e55477c  Update docs about security.user.admins system opts.
e55477c is described below

commit e55477cfcef1e96ec50e33441af8a21ba02c66c1
Author: James Turton <ja...@somecomputer.xyz>
AuthorDate: Tue Feb 22 11:54:52 2022 +0200

    Update docs about security.user.admins system opts.
---
 .../securing-drill/030-roles-privileges.md         | 32 +++++++++-------------
 .../050-aggregate-and-aggregate-statistical.md     |  4 +--
 2 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/_docs/en/configure-drill/securing-drill/030-roles-privileges.md b/_docs/en/configure-drill/securing-drill/030-roles-privileges.md
index ed25435..4a4556e 100644
--- a/_docs/en/configure-drill/securing-drill/030-roles-privileges.md
+++ b/_docs/en/configure-drill/securing-drill/030-roles-privileges.md
@@ -3,18 +3,19 @@ title: "Roles and Privileges"
 slug: "Roles and Privileges"
 parent: "Securing Drill"
 ---
+
 Drill has two roles that perform different functions:
 
-* User (USER) role
-* Administrator (ADMIN) role
+- User (USER) role
+- Administrator (ADMIN) role
 
-## User Role
+## User role
 
 Users can execute queries on data that he/she has access to. Each storage plugin manages the read/write permissions. Users can create views on top of data to provide granular access to that data.
 
-## Administrator Role
+## Administrator role
 
-When authentication is enabled, only Drill users who are assigned Drill cluster administrator privileges can perform the following tasks:
+When authentication is enabled, only Drill users who are assigned Drill cluster administrator privileges can perform the following tasks.
 
 - Change system-level options by issuing the ALTER SYSTEM command.
 - Update a storage plugin configuration through the REST API or Web UI.
@@ -22,24 +23,17 @@ When authentication is enabled, only Drill users who are assigned Drill cluster
 - View profiles of all queries that all users have run or are currently running in a cluster.
 - Cancel running queries that were launched by any user in the cluster.
 
-### Initial Admin Identity
+When authentication is disabled anyone can perform the tasks above.
 
-To configure an initial Admin User and Group add an `security.admin` configuration entry like below into your `drill-override.conf` .
+### Specifying administrator users and groups
 
-    drill.exec: {
-        ...
-    },
-    security.admin: {
-        users: "drill",
-        user_groups: "hadoop"
-    }
+Drill administrators can specified using two system options.
 
-Set the value of this options to a comma-separated list of user or group names who you want to give administrator privileges, such as changing system options.
+| Option                     | Default                        | Description                                         |
+| -------------------------- | ------------------------------ | --------------------------------------------------- |
+| security.admin.user_groups | Drill process user             | A comma-separated list of administrator groups.     |
+| security.admin.users       | Drill process user's OS groups | A comma-separated list of administrator user names. |
 
 The groups in `security.admin.user_groups` refer to groups in the configured Hadoop group mapping service which defaults to looking up local operating system groups. See [Hadoop Groups Mapping](https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/GroupsMapping.html) for more information.
 
 See [Configuring Web UI and REST API Security]({{site.baseurl}}/docs/configuring-web-ui-and-rest-api-security/) for more information.
-
-
-
-
diff --git a/_docs/en/sql-reference/sql-functions/050-aggregate-and-aggregate-statistical.md b/_docs/en/sql-reference/sql-functions/050-aggregate-and-aggregate-statistical.md
index bcd23ec..5348ced 100644
--- a/_docs/en/sql-reference/sql-functions/050-aggregate-and-aggregate-statistical.md
+++ b/_docs/en/sql-reference/sql-functions/050-aggregate-and-aggregate-statistical.md
@@ -26,11 +26,11 @@ queries.
 - AVG, COUNT, MIN, MAX, and SUM accept ALL and DISTINCT keywords. The default is
   ALL.
 - The aggregate function examples use the `cp` storage plugin to access the
-  [`employee.json`](%7B%7Bsite.baseurl%7D%7D/docs/querying-json-files/) file
+  [`employee.json`]({{site.baseurl}}/docs/querying-json-files/) file
   installed with Drill. By default, JSON reads numbers as double-precision
   floating point numbers. These examples assume that you are using the default
   option
-  [all_text_mode](%7B%7Bsite.baseurl%7D%7D/docs/json-data-model/#handling-type-differences)
+  [all_text_mode]({{site.baseurl}}/docs/json-data-model/#handling-type-differences)
   set to false.
 
 ## ANY_VALUE