[ https://issues.apache.org/jira/browse/SENTRY-2254?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergio Peña resolved SENTRY-2254. --------------------------------- Resolution: Not A Bug I will close this issue as not a bug for now. Seems a configuration issue depending on the version of Sentry used. I'll suggest ask the question to [d...@sentry.apache.org|mailto:d...@sentry.apache.org] as there is more visibility on the question and more people can answer it. > can not load sentry conf while use beeline to connect to spark thift server > --------------------------------------------------------------------------- > > Key: SENTRY-2254 > URL: https://issues.apache.org/jira/browse/SENTRY-2254 > Project: Sentry > Issue Type: Bug > Reporter: L > Priority: Blocker > > Hi,all.I have try to use beeline to connect to Spark Thrift Server,and the > data is on hive.So for security,i want to use sentry to do autherization for > different user when they use spark thrift server to operate data on hive.The > Spark thrift Server is ok but the sentry does not work because any user can > use "select " to view any tables.Below is part of logs: > 18/05/31 17:59:05 WARN conf.HiveConf: HiveConf of name hive.sentry.conf.url > does not exist > 18/05/31 17:59:05 WARN conf.HiveConf: HiveConf of name > hive.server2.enable.impersonation does not exist > 18/05/31 17:59:05 WARN conf.HiveConf: HiveConf of name > hive.server2.thrift.http.min.worker.threads does not exist > 18/05/31 17:59:05 WARN conf.HiveConf: HiveConf of name > hive.server2.thrift.http.max.worker.threads does not exist > 18/05/31 17:59:05 INFO metastore.ObjectStore: Setting MetaStore object pin > classes with > hive.metastore.cache.pinobjtypes="Table,StorageDescriptor,SerDeInfo,Partition,Database,Type,FieldSchema,Order" > 18/05/31 17:59:05 INFO DataNucleus.Datastore: The class > "org.apache.hadoop.hive.metastore.model.MFieldSchema" is tagged as > "embedded-only" so does not have its own datastore table. > 18/05/31 17:59:05 INFO DataNucleus.Datastore: The class > "org.apache.hadoop.hive.metastore.model.MOrder" is tagged as "embedded-only" > so does not have its own datastore table. > 18/05/31 17:59:06 INFO DataNucleus.Datastore: The class > "org.apache.hadoop.hive.metastore.model.MFieldSchema" is tagged as > "embedded-only" so does not have its own datastore table. > 18/05/31 17:59:06 INFO DataNucleus.Datastore: The class > "org.apache.hadoop.hive.metastore.model.MOrder" is tagged as "embedded-only" > so does not have its own datastore table. > 18/05/31 17:59:06 INFO metastore.MetaStoreDirectSql: Using direct SQL, > underlying DB is DERBY > 18/05/31 17:59:06 INFO metastore.ObjectStore: Initialized ObjectStore > 18/05/31 17:59:06 WARN metastore.ObjectStore: Version information not found > in metastore. hive.metastore.schema.verification is not enabled so recording > the schema version 1.2.0 > 18/05/31 17:59:06 WARN metastore.ObjectStore: Failed to get database > default, returning NoSuchObjectException > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: Added admin role in metastore > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: Added public role in > metastore > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: No user is added in admin > role, since config is empty > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: 0: get_all_databases > 18/05/31 17:59:06 INFO HiveMetaStore.audit: ugi=root ip=unknown-ip-addr > cmd=get_all_databases > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: 0: get_functions: db=default > pat=* > 18/05/31 17:59:06 INFO HiveMetaStore.audit: ugi=root ip=unknown-ip-addr > cmd=get_functions: db=default pat=* > 18/05/31 17:59:06 INFO DataNucleus.Datastore: The class > "org.apache.hadoop.hive.metastore.model.MResourceUri" is tagged as > "embedded-only" so does not have its own datastore table. > 18/05/31 17:59:06 INFO session.SessionState: Created local directory: > /tmp/0ebe7928-87f9-46b2-8160-bf7e15c22b56_resources > 18/05/31 17:59:06 INFO session.SessionState: Created HDFS directory: > /tmp/hive/root/0ebe7928-87f9-46b2-8160-bf7e15c22b56 > 18/05/31 17:59:06 INFO session.SessionState: Created local directory: > /tmp/root/0ebe7928-87f9-46b2-8160-bf7e15c22b56 > 18/05/31 17:59:06 INFO session.SessionState: Created HDFS directory: > /tmp/hive/root/0ebe7928-87f9-46b2-8160-bf7e15c22b56/_tmp_space.db > 18/05/31 17:59:06 INFO client.HiveClientImpl: Warehouse location for Hive > client (version 1.2.1) is /user/hive/warehouse > 18/05/31 17:59:06 INFO service.CompositeService: Operation log root > directory is created: /var/log/hive/operation_logs > 18/05/31 17:59:06 INFO service.AbstractService: HiveServer2: Async execution > pool size 100 > 18/05/31 17:59:06 INFO service.AbstractService: Service:OperationManager is > inited. > 18/05/31 17:59:06 INFO service.AbstractService: Service: SessionManager is > inited. > 18/05/31 17:59:06 INFO service.AbstractService: Service: CLIService is > inited. > 18/05/31 17:59:06 INFO service.AbstractService: > Service:ThriftBinaryCLIService is inited. > 18/05/31 17:59:06 INFO service.AbstractService: Service: HiveServer2 is > inited. > 18/05/31 17:59:06 INFO service.AbstractService: Service:OperationManager is > started. > 18/05/31 17:59:06 INFO service.AbstractService: Service:SessionManager is > started. > 18/05/31 17:59:06 INFO service.AbstractService: Service:CLIService is > started. > 18/05/31 17:59:06 INFO metastore.ObjectStore: ObjectStore, initialize called > 18/05/31 17:59:06 INFO DataNucleus.Query: Reading in results for query > "org.datanucleus.store.rdbms.query.SQLQuery@0" since the connection used is > closing > 18/05/31 17:59:06 INFO metastore.MetaStoreDirectSql: Using direct SQL, > underlying DB is DERBY > 18/05/31 17:59:06 INFO metastore.ObjectStore: Initialized ObjectStore > 18/05/31 17:59:06 INFO metastore.HiveMetaStore: 0: get_databases: default > 18/05/31 17:59:06 INFO HiveMetaStore.audit: ugi=root ip=unknown-ip-addr > cmd=get_databases: default > > and the config is as belows: > hive-site.xml: > <property> > <name>hive.sentry.conf.url</name> > > <value>file:///opt/tmp/spark-2.2.0-bin-hadoop2.6/conf/sentry-site.xml</value> > </property> > <property> > <name>hive.stats.collect.scancols</name> > <value>true</value> > </property> > <property> > <name>hive.metastore.pre.event.listeners</name> > <value>org.apache.sentry.binding.metastore.MetastoreAuthzBinding</value> > </property> > <property> > <name>hive.metastore.event.listeners</name> > > <value>org.apache.sentry.binding.metastore.SentryMetastorePostEventListener</value> > > </property> > <property> > <name>hive.server2.session.hook</name> > <value>org.apache.sentry.binding.hive.HiveAuthzBindingSessionHook</value> > </property> > <property> > <name>hive.security.authorization.task.factory</name> > > <value>org.apache.sentry.binding.hive.SentryHiveAuthorizationTaskFactoryImpl</value> > > </property> > <property> > <name>hive.server2.enable.impersonation</name> > <value>true</value> > </property> > > sentry-site.xml > <configuration> > <property> > <name>sentry.service.security.mode</name> > <value>none</value> > </property> > <property> > <name>sentry.service.client.server.rpc-address</name> > <value>hadoop008053.ppdgdsl.com</value> > </property> > <property> > <name>sentry.service.client.server.rpc-port</name> > <value>8038</value> > </property> > </configuration> > > So i want to know why the sentry does not work?In the logs i saw "18/05/31 > 17:59:05 WARN conf.HiveConf: HiveConf of name hive.sentry.conf.url does not > exist ",but it exists in hive-site.xml and the sentry-site.xml is in the > right place.Can any body give me some suggestions or the deployment doc for > Spark Thrift Server intergrate with sentry or Hive Server2 intergrate with > Sentry?Thanks in advance. -- This message was sent by Atlassian JIRA (v7.6.3#76005)