Here is the one I was using - make sure to edit database settings. You also need to have users to group mapping file - I use the following:
[users] akolb = hive Config attached. On Thu, Feb 1, 2018 at 7:15 AM, Xinran Yu Tinney <yuxinran8...@gmail.com> wrote: > Hi, Sasha, > The only sentry-site.xml I found is shown in the picture below, it > seems still something is missing. > > Thanks! > > 2018-01-30 18:34 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>: > >> The way run_sentry works - it actually runs mvn exec:java which builds >> code >> in your local repo and creates jar files. If you run this as root, these >> files will be owned by root which is not good, so please do not run this >> via sudo to save you some trouble. >> >> A simple way to use it to run sentry: >> >> run_sentry --command service -conffile /path/to/sentry-site.xml >> >> This should work as long as your normal things (like mvn install >> -DskipTests) is working. >> >> Best, >> >> - Alex >> >> On Tue, Jan 30, 2018 at 1:41 PM, Xinran Yu Tinney <yuxinran8...@gmail.com >> > >> wrote: >> >> > Hi, Sasha, what do you mean change ownership of files? >> > Also, Lina, I have run the command but it seems something removed the >> > JAVA_HOME, please see the attachment. >> > >> > 2018-01-12 16:57 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>: >> > >> >> Running it via studio is not the best idea since it will change >> ownership >> >> of files in your repo. Sentry doesn't need root privileges. >> >> >> >> > On Jan 12, 2018, at 14:10, Na Li <lina...@cloudera.com> wrote: >> >> > >> >> > one example >> >> > >> >> > to creating schema >> >> > - command: sudo ./run_sentry.sh --command schema-tool --conffile >> >> > sentry-site.xml --dbType mysql --initSchema >> >> > >> >> > On Fri, Jan 12, 2018 at 3:18 PM, Xinran Yu Tinney < >> >> yuxinran8...@gmail.com> >> >> > wrote: >> >> > >> >> >> What are the arguments that can be used? I have attached a >> screenshot, >> >> >> using "service", but seems not working. >> >> >> >> >> >> 2018-01-12 14:56 GMT-06:00 Alexander Kolbasov <ak...@cloudera.com>: >> >> >> >> >> >>> It is easy. Your current directory should be within the got repo >> and >> >> the >> >> >>> actual script can be anywhere. Just run it with whatever argument >> you >> >> want >> >> >>> to pass to main. The script users maven to build and run sentry so >> it >> >> >>> doesn't depend on any class path. >> >> >>> >> >> >>> On Fri, Jan 12, 2018 at 12:30 Xinran Yu Tinney < >> >> yuxinran8...@gmail.com> >> >> >>> wrote: >> >> >>> >> >> >>>> Hi, >> >> >>>> Does anyone know how to run bin/run_sentry.sh? Thanks! >> >> >>>> >> >> >>>> >> >> >>>> Xinran >> >> >>>> >> >> >>> >> >> >> >> >> >> >> >> >> > >> > >> > >
<?xml version="1.0" encoding="UTF-8"?> <configuration> <property> <name>sentry.service.server.rpc-address</name> <value>localhost</value> </property> <property> <name>sentry.service.client.server.rpc-address</name> <value>localhost:8038</value> </property> <property> <name>sentry.service.server.rpc-port</name> <value>8038</value> </property> <property> <name>sentry.service.security.mode</name> <value>none</value> </property> <property> <name>sentry.service.admin.group</name> <value>hive,impala,hue,solr,kafka</value> </property> <property> <name>sentry.service.allow.connect</name> <value>hive,impala,hue,hdfs,solr,kafka, akolb</value> </property> <property> <name>sentry.store.group.mapping</name> <value>org.apache.sentry.provider.file.LocalGroupMappingService</value> </property> <property> <name>sentry.store.group.mapping.resource</name> <value>/Users/akolb/etc/users.ini</value> </property> <property> <name>sentry.service.server.keytab</name> <value>sentry.keytab</value> </property> <!-- --> <property> <name>sentry.store.jdbc.url</name> <value>jdbc:mysql://localhost/sentryserver</value> </property> <property> <name>sentry.store.jdbc.driver</name> <value>com.mysql.jdbc.Driver</value> </property> <property> <name>sentry.store.jdbc.user</name> <value>USER</value> </property> <property> <name>sentry.store.jdbc.password</name> <value>PASSWORD</value> </property> <property> <name>sentry.service.processor.factories</name> <value>org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory,org.apache.sentry.provider.db.generic.service.thrift.SentryGenericPolicyProcessorFactory,org.apache.sentry.hdfs.SentryHDFSServiceProcessorFactory</value> </property> <property> <name>sentry.policy.store.plugins</name> <value>org.apache.sentry.hdfs.SentryPlugin</value> </property> <property> <name>sentry.hdfs.integration.path.prefixes</name> <value>/user/hive/warehouse</value> </property> <!-- --> <property> <name>sentry.service.web.enable</name> <value>true</value> </property> <!-- --> <property> <name>sentry.service.web.port</name> <value>51000</value> </property> <property> <name>sentry.web.admin.servlet.enabled</name> <value>true</value> </property> <property> <name>sentry.service.reporter</name> <value>console</value> </property> <property> <name>sentry.service.reporter.interval.sec</name> <value>300</value> </property> <property> <name>sentry.service.web.authentication.type</name> <value>NONE</value> </property> <!-- --> <property> <name>sentry.ha.zookeeper.quorum</name> <value>127.0.0.1:2181</value> </property> <property> <name>sentry.ha.standby.signal</name> <value>USR2</value> </property> <!-- --> </configuration>