RANGER-282: MS-SQLServer support
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/3df7c45d Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/3df7c45d Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/3df7c45d Branch: refs/heads/master Commit: 3df7c45d74320edaad562b388753edd2f21a35c5 Parents: 962ad52 Author: Velmurugan Periasamy <[email protected]> Authored: Tue Mar 3 14:23:21 2015 -0500 Committer: Velmurugan Periasamy <[email protected]> Committed: Tue Mar 3 14:23:21 2015 -0500 ---------------------------------------------------------------------- agents-common/scripts/enable-agent.sh | 6 +- hbase-agent/scripts/install.sh | 11 + hdfs-agent/scripts/install.sh | 11 + hive-agent/scripts/install.sh | 12 + knox-agent/scripts/install.sh | 12 + .../db/sqlserver/create_dbversion_catalog.sql | 32 + .../db/sqlserver/xa_audit_db_sqlserver.sql | 81 + .../db/sqlserver/xa_core_db_sqlserver.sql | 2632 ++++++++++++++++++ security-admin/scripts/db_setup.py | 181 ++ security-admin/scripts/install.properties | 3 +- security-admin/scripts/setup.sh | 34 + storm-agent/scripts/install.sh | 12 + 12 files changed, 3025 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/agents-common/scripts/enable-agent.sh ---------------------------------------------------------------------- diff --git a/agents-common/scripts/enable-agent.sh b/agents-common/scripts/enable-agent.sh index 71854e6..30b8953 100755 --- a/agents-common/scripts/enable-agent.sh +++ b/agents-common/scripts/enable-agent.sh @@ -354,7 +354,11 @@ then then export XAAUDIT_DB_JDBC_URL="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}" export XAAUDIT_DB_JDBC_DRIVER="org.postgresql.Driver" - else + elif [ "${db_flavor}" = "SQLSERVER" ] + then + export XAAUDIT_DB_JDBC_URL="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}" + export XAAUDIT_DB_JDBC_DRIVER="com.microsoft.sqlserver.jdbc.SQLServerDriver" + else echo "Audit is not specified with a valid db_flavor: [${db_flavor}]. Ignoring audit ..." export XAAUDIT_DB_JDBC_URL="jdbc:${db_flavor}://${audit_db_hostname}/${audit_db_name}" export XAAUDIT_DB_JDBC_DRIVER="com.unknown.driver.${db_flavor}" http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/hbase-agent/scripts/install.sh ---------------------------------------------------------------------- diff --git a/hbase-agent/scripts/install.sh b/hbase-agent/scripts/install.sh index b504067..a24f535 100644 --- a/hbase-agent/scripts/install.sh +++ b/hbase-agent/scripts/install.sh @@ -300,7 +300,18 @@ then newPropertyValue="org.postgresql.Driver" updatePropertyToFile $propertyName $newPropertyValue $to_file fi +if [ "${DB_FLAVOR}" == "SQLSERVER" ] +then + audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + propertyName=XAAUDIT.DB.JDBC_URL + newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}" + updatePropertyToFile $propertyName $newPropertyValue $to_file + propertyName=XAAUDIT.DB.JDBC_DRIVER + newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver" + updatePropertyToFile $propertyName $newPropertyValue $to_file +fi for f in ${install_dir}/installer/conf/*-changes.cfg do if [ -f ${f} ] http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/hdfs-agent/scripts/install.sh ---------------------------------------------------------------------- diff --git a/hdfs-agent/scripts/install.sh b/hdfs-agent/scripts/install.sh index 3cf9f4f..a0f6547 100644 --- a/hdfs-agent/scripts/install.sh +++ b/hdfs-agent/scripts/install.sh @@ -307,7 +307,18 @@ then newPropertyValue="org.postgresql.Driver" updatePropertyToFile $propertyName $newPropertyValue $to_file fi +if [ "${DB_FLAVOR}" == "SQLSERVER" ] +then + audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + propertyName=XAAUDIT.DB.JDBC_URL + newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}" + updatePropertyToFile $propertyName $newPropertyValue $to_file + propertyName=XAAUDIT.DB.JDBC_DRIVER + newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver" + updatePropertyToFile $propertyName $newPropertyValue $to_file +fi for f in ${install_dir}/installer/conf/*-changes.cfg do if [ -f ${f} ] http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/hive-agent/scripts/install.sh ---------------------------------------------------------------------- diff --git a/hive-agent/scripts/install.sh b/hive-agent/scripts/install.sh index f6f50e8..27c4e06 100644 --- a/hive-agent/scripts/install.sh +++ b/hive-agent/scripts/install.sh @@ -284,6 +284,18 @@ then newPropertyValue="org.postgresql.Driver" updatePropertyToFile $propertyName $newPropertyValue $to_file fi +if [ "${DB_FLAVOR}" == "SQLSERVER" ] +then + audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + propertyName=XAAUDIT.DB.JDBC_URL + newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}" + updatePropertyToFile $propertyName $newPropertyValue $to_file + + propertyName=XAAUDIT.DB.JDBC_DRIVER + newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver" + updatePropertyToFile $propertyName $newPropertyValue $to_file +fi for f in ${install_dir}/installer/conf/*-changes.cfg do if [ -f ${f} ] http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/knox-agent/scripts/install.sh ---------------------------------------------------------------------- diff --git a/knox-agent/scripts/install.sh b/knox-agent/scripts/install.sh index 9529b8f..7462462 100644 --- a/knox-agent/scripts/install.sh +++ b/knox-agent/scripts/install.sh @@ -203,6 +203,18 @@ then newPropertyValue="org.postgresql.Driver" updatePropertyToFile $propertyName $newPropertyValue $to_file fi +if [ "${DB_FLAVOR}" == "SQLSERVER" ] +then + audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME' ${install_dir}/install.properties | awk -F= '{ print $2 }'` + propertyName=XAAUDIT.DB.JDBC_URL + newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}" + updatePropertyToFile $propertyName $newPropertyValue $to_file + + propertyName=XAAUDIT.DB.JDBC_DRIVER + newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver" + updatePropertyToFile $propertyName $newPropertyValue $to_file +fi for f in ${install_dir}/installer/conf/*-changes.cfg do if [ -f ${f} ] http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/security-admin/db/sqlserver/create_dbversion_catalog.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/create_dbversion_catalog.sql b/security-admin/db/sqlserver/create_dbversion_catalog.sql new file mode 100644 index 0000000..0ef9b10 --- /dev/null +++ b/security-admin/db/sqlserver/create_dbversion_catalog.sql @@ -0,0 +1,32 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. + +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER ON +GO +SET ANSI_PADDING ON +GO +create table [dbo].[x_db_version_h] ( +id bigint not null identity(1,1) primary key, +version varchar(64) not null, +inst_at datetime2 not null, +inst_by varchar(256) not null, +updated_at datetime2 not null, +updated_by varchar(256) not null, +active varchar(1) check(active IN ('Y', 'N')) default 'Y' +); +GO +exit \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/3df7c45d/security-admin/db/sqlserver/xa_audit_db_sqlserver.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/xa_audit_db_sqlserver.sql b/security-admin/db/sqlserver/xa_audit_db_sqlserver.sql new file mode 100644 index 0000000..e521409 --- /dev/null +++ b/security-admin/db/sqlserver/xa_audit_db_sqlserver.sql @@ -0,0 +1,81 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. + +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER ON +GO +SET ANSI_PADDING ON +GO +CREATE TABLE [dbo].[xa_access_audit]( + [id] [bigint] IDENTITY(1,1) NOT NULL, + [create_time] [datetime2] DEFAULT NULL NULL, + [update_time] [datetime2] DEFAULT NULL NULL, + [added_by_id] [bigint] DEFAULT NULL NULL, + [upd_by_id] [bigint] DEFAULT NULL NULL, + [audit_type] [int] DEFAULT 0 NOT NULL, + [access_result] [int] DEFAULT 0 NULL, + [access_type] [varchar](255) DEFAULT NULL NULL, + [acl_enforcer] [varchar](255) DEFAULT NULL NULL, + [agent_id] [varchar](255) DEFAULT NULL NULL, + [client_ip] [varchar](255) DEFAULT NULL NULL, + [client_type] [varchar](255) DEFAULT NULL NULL, + [policy_id] [bigint] DEFAULT 0 NULL, + [repo_name] [varchar](255) DEFAULT NULL NULL, + [repo_type] [int] DEFAULT 0 NULL, + [result_reason] [varchar](255) DEFAULT NULL NULL, + [session_id] [varchar](255) DEFAULT NULL NULL, + [event_time] [datetime2] DEFAULT NULL NULL, + [request_user] [varchar](255) DEFAULT NULL NULL, + [action] [varchar](2000) DEFAULT NULL NULL, + [request_data] [varchar](2000) DEFAULT NULL NULL, + [resource_path] [varchar](2000) DEFAULT NULL NULL, + [resource_type] [varchar](255) DEFAULT NULL NULL, +PRIMARY KEY CLUSTERED +( + [id] ASC +)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX [xa_access_audit_cr_time] ON [xa_access_audit] +( + [create_time] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX [xa_access_audit_event_time] ON [xa_access_audit] +( + [event_time] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX [xa_access_audit_added_by_id] ON [xa_access_audit] +( + [added_by_id] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX [xa_access_audit_upd_by_id] ON [xa_access_audit] +( + [upd_by_id] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX [xa_access_audit_up_time] ON [xa_access_audit] +( + [update_time] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +exit
