Here is the one I was using - make sure to edit database settings. You also
need to have users to group mapping file - I use the following:
[users]
akolb = hive
Config attached.
On Thu, Feb 1, 2018 at 7:15 AM, Xinran Yu Tinney <yuxinran8...@gmail.com>
wrote:
> Hi, Sasha,
> The only sentry-site.xml I found is shown in the picture below, it
> seems still something is missing.
>
> Thanks!
>
> 2018-01-30 18:34 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>:
>
>> The way run_sentry works - it actually runs mvn exec:java which builds
>> code
>> in your local repo and creates jar files. If you run this as root, these
>> files will be owned by root which is not good, so please do not run this
>> via sudo to save you some trouble.
>>
>> A simple way to use it to run sentry:
>>
>> run_sentry --command service -conffile /path/to/sentry-site.xml
>>
>> This should work as long as your normal things (like mvn install
>> -DskipTests) is working.
>>
>> Best,
>>
>> - Alex
>>
>> On Tue, Jan 30, 2018 at 1:41 PM, Xinran Yu Tinney <yuxinran8...@gmail.com
>> >
>> wrote:
>>
>> > Hi, Sasha, what do you mean change ownership of files?
>> > Also, Lina, I have run the command but it seems something removed the
>> > JAVA_HOME, please see the attachment.
>> >
>> > 2018-01-12 16:57 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>:
>> >
>> >> Running it via studio is not the best idea since it will change
>> ownership
>> >> of files in your repo. Sentry doesn't need root privileges.
>> >>
>> >> > On Jan 12, 2018, at 14:10, Na Li <lina...@cloudera.com> wrote:
>> >> >
>> >> > one example
>> >> >
>> >> > to creating schema
>> >> > - command: sudo ./run_sentry.sh --command schema-tool --conffile
>> >> > sentry-site.xml --dbType mysql --initSchema
>> >> >
>> >> > On Fri, Jan 12, 2018 at 3:18 PM, Xinran Yu Tinney <
>> >> yuxinran8...@gmail.com>
>> >> > wrote:
>> >> >
>> >> >> What are the arguments that can be used? I have attached a
>> screenshot,
>> >> >> using "service", but seems not working.
>> >> >>
>> >> >> 2018-01-12 14:56 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>:
>> >> >>
>> >> >>> It is easy. Your current directory should be within the got repo
>> and
>> >> the
>> >> >>> actual script can be anywhere. Just run it with whatever argument
>> you
>> >> want
>> >> >>> to pass to main. The script users maven to build and run sentry so
>> it
>> >> >>> doesn't depend on any class path.
>> >> >>>
>> >> >>> On Fri, Jan 12, 2018 at 12:30 Xinran Yu Tinney <
>> >> yuxinran8...@gmail.com>
>> >> >>> wrote:
>> >> >>>
>> >> >>>> Hi,
>> >> >>>> Does anyone know how to run bin/run_sentry.sh? Thanks!
>> >> >>>>
>> >> >>>>
>> >> >>>> Xinran
>> >> >>>>
>> >> >>>
>> >> >>
>> >> >>
>> >>
>> >
>> >
>>
>
>
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<property>
<name>sentry.service.server.rpc-address</name>
<value>localhost</value>
</property>
<property>
<name>sentry.service.client.server.rpc-address</name>
<value>localhost:8038</value>
</property>
<property>
<name>sentry.service.server.rpc-port</name>
<value>8038</value>
</property>
<property>
<name>sentry.service.security.mode</name>
<value>none</value>
</property>
<property>
<name>sentry.service.admin.group</name>
<value>hive,impala,hue,solr,kafka</value>
</property>
<property>
<name>sentry.service.allow.connect</name>
<value>hive,impala,hue,hdfs,solr,kafka, akolb</value>
</property>
<property>
<name>sentry.store.group.mapping</name>
<value>org.apache.sentry.provider.file.LocalGroupMappingService</value>
</property>
<property>
<name>sentry.store.group.mapping.resource</name>
<value>/Users/akolb/etc/users.ini</value>
</property>
<property>
<name>sentry.service.server.keytab</name>
<value>sentry.keytab</value>
</property>
<!-- -->
<property>
<name>sentry.store.jdbc.url</name>
<value>jdbc:mysql://localhost/sentryserver</value>
</property>
<property>
<name>sentry.store.jdbc.driver</name>
<value>com.mysql.jdbc.Driver</value>
</property>
<property>
<name>sentry.store.jdbc.user</name>
<value>USER</value>
</property>
<property>
<name>sentry.store.jdbc.password</name>
<value>PASSWORD</value>
</property>
<property>
<name>sentry.service.processor.factories</name>
<value>org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory,org.apache.sentry.provider.db.generic.service.thrift.SentryGenericPolicyProcessorFactory,org.apache.sentry.hdfs.SentryHDFSServiceProcessorFactory</value>
</property>
<property>
<name>sentry.policy.store.plugins</name>
<value>org.apache.sentry.hdfs.SentryPlugin</value>
</property>
<property>
<name>sentry.hdfs.integration.path.prefixes</name>
<value>/user/hive/warehouse</value>
</property>
<!-- -->
<property>
<name>sentry.service.web.enable</name>
<value>true</value>
</property>
<!-- -->
<property>
<name>sentry.service.web.port</name>
<value>51000</value>
</property>
<property>
<name>sentry.web.admin.servlet.enabled</name>
<value>true</value>
</property>
<property>
<name>sentry.service.reporter</name>
<value>console</value>
</property>
<property>
<name>sentry.service.reporter.interval.sec</name>
<value>300</value>
</property>
<property>
<name>sentry.service.web.authentication.type</name>
<value>NONE</value>
</property>
<!-- -->
<property>
<name>sentry.ha.zookeeper.quorum</name>
<value>127.0.0.1:2181</value>
</property>
<property>
<name>sentry.ha.standby.signal</name>
<value>USR2</value>
</property>
<!-- -->
</configuration>
