You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2016/07/29 17:41:20 UTC
[jira] [Updated] (AMBARI-17964) Hive Ranger plug in broken after
upgrade to HDP 2.4.0
[ https://issues.apache.org/jira/browse/AMBARI-17964?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dmitry Lysnichenko updated AMBARI-17964:
----------------------------------------
Component/s: ambari-server
> Hive Ranger plug in broken after upgrade to HDP 2.4.0
> -----------------------------------------------------
>
> Key: AMBARI-17964
> URL: https://issues.apache.org/jira/browse/AMBARI-17964
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Reporter: Dmitry Lysnichenko
> Assignee: Dmitry Lysnichenko
> Attachments: AMBARI-17964.patch
>
>
> I've managed to reproduce the issue during Ambari upgrade 2.0.2 to 2.2.1.1.
> The issue seems to be that hive_security_authorization is missing in 2.0.2, so during upgrade hive_security_authorization it is added with value None (because code supports only Kerberos, and not Ranger), and then {{hive.security.authorization.manager}} and {{hive.security.authenticator.manager}} are immediately removed at UpgradeCatalog210 if hive_security_authorization value is None.
> {code}
> boolean isHiveSecurityAuthPresent = cluster.getDesiredConfigByType("hive-env").getProperties().containsKey("hive_security_authorization");
> String hiveSecurityAuth="";
> if ("kerberos".equalsIgnoreCase(hive_server2_auth) && cluster.getServices().containsKey("KERBEROS")){
> hiveSecurityAuth = "SQLStdAuth";
> isHiveSecurityAuthPresent = true;
> hiveEnvProps.put("hive_security_authorization", hiveSecurityAuth);
> } else {
> if (isHiveSecurityAuthPresent) {
> hiveSecurityAuth = cluster.getDesiredConfigByType("hive-env").getProperties().get("hive_security_authorization");
> }
> }
> if (isHiveSecurityAuthPresent && "none".equalsIgnoreCase(hiveSecurityAuth)) {
> hiveServerSiteRemoveProps.add("hive.security.authorization.manager");
> hiveServerSiteRemoveProps.add("hive.security.authenticator.manager");
> }
> updateConfigurationPropertiesForCluster(cluster, "hive-env", hiveEnvProps, true, true);
> removeConfigurationPropertiesFromCluster(cluster, "hiveserver2-site", hiveServerSiteRemoveProps);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)