You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2016/12/02 19:29:23 UTC
ambari git commit: AMBARI-19060. Update the HiveServer config values
if Security Authorization chosen is None.
Repository: ambari
Updated Branches:
refs/heads/branch-feature-AMBARI-18901 1b90011eb -> 548d4570a
AMBARI-19060. Update the HiveServer config values if Security Authorization chosen is None.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/548d4570
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/548d4570
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/548d4570
Branch: refs/heads/branch-feature-AMBARI-18901
Commit: 548d4570a5e5661e3ee4a9a8f9db526a271ec522
Parents: 1b90011
Author: Swapan Shridhar <ss...@hortonworks.com>
Authored: Thu Dec 1 16:46:31 2016 -0800
Committer: Swapan Shridhar <ss...@hortonworks.com>
Committed: Thu Dec 1 16:46:31 2016 -0800
----------------------------------------------------------------------
.../stacks/HDP/2.2/services/stack_advisor.py | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/548d4570/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
index 4854514..8187da8 100644
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
@@ -300,6 +300,7 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
putWebhcatSiteProperty = self.putProperty(configurations, "webhcat-site", services)
putHiveSitePropertyAttribute = self.putPropertyAttribute(configurations, "hive-site")
putHiveEnvPropertyAttributes = self.putPropertyAttribute(configurations, "hive-env")
+ putHiveServerPropertyAttributes = self.putPropertyAttribute(configurations, "hiveserver2-site")
servicesList = [service["StackServices"]["service_name"] for service in services["services"]]
# Storage
@@ -520,7 +521,8 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
putHiveServerProperty("hive.security.authorization.enabled", "true")
putHiveServerProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory")
putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator")
- putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.users.in.admin.role")
+ putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.security.metastore.authorization.manager,"
+ "hive.security.metastore.authenticator.manager,hive.users.in.admin.role,hive.server2.xsrf.filter.enabled,hive.security.authorization.enabled")
putHiveSiteProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory")
if sqlstdauth_class not in auth_manager_values:
auth_manager_values.append(sqlstdauth_class)
@@ -536,7 +538,16 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
putHiveServerProperty("hive.security.authorization.enabled", "true")
putHiveServerProperty("hive.security.authorization.manager", "com.xasecure.authorization.hive.authorizer.XaSecureHiveAuthorizerFactory")
putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator")
- putHiveServerProperty("hive.conf.restricted.list", "hive.security.authorization.enabled,hive.security.authorization.manager,hive.security.authenticator.manager")
+ putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.security.metastore.authorization.manager,"
+ "hive.security.metastore.authenticator.manager,hive.users.in.admin.role,hive.server2.xsrf.filter.enabled,hive.security.authorization.enabled")
+
+ # hive_security_authorization == 'None'
+ if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower() == "None":
+ putHiveSiteProperty("hive.server2.enable.doAs", "true")
+ putHiveServerProperty("hive.security.authorization.enabled", "false")
+ putHiveServerPropertyAttributes("hive.security.authorization.manager", 'delete', 'true')
+ putHiveServerPropertyAttributes("hive.security.authenticator.manager", 'delete', 'true')
+ putHiveServerPropertyAttributes("hive.conf.restricted.list", 'delete', 'true')
putHiveSiteProperty("hive.server2.use.SSL", "false")