[jira] [Commented] (SENTRY-1757) Avoid using local hive meta store using wrong configuration

Tue, 09 May 2017 14:15:57 -0700 

    [ 
https://issues.apache.org/jira/browse/SENTRY-1757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16003574#comment-16003574
 ] 

Sergio Peña commented on SENTRY-1757:
-------------------------------------

[~LinaAtAustin] The HMSFollower does not connect to a local metastore anymore. 
This check on the code makes sure to not get the HMS connection until the 
hive.metastore.uris is set:
http://github.mtv.cloudera.com/CDH/sentry/blob/cdh5-1.5.1_ha/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HMSFollower.java#L132

About reading the Hive configuration, I see that the HiveConf (which reads the 
hive-site.xml) is created after the check. [~akolb] Is code correct? Didn't we 
want to read the HiveConf previous doing the check so that it reads the 
hive.metastore.uris?

> Avoid using local hive meta store using wrong configuration
> -----------------------------------------------------------
>
>                 Key: SENTRY-1757
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1757
>             Project: Sentry
>          Issue Type: Sub-task
>          Components: Sentry
>    Affects Versions: sentry-ha-redesign
>            Reporter: Na Li
>            Assignee: Na Li
>            Priority: Blocker
>              Labels: security
>
> When HMSFollower.getMetaStoreClient() checks if it should create 
> HiveMetaStoreClient, it uses the input configuration from SentryService.
> In real cluster deployment, the configuration does not contain value for 
> "hive.metastore.uris", and therefore, HMSFollower never connects to the real 
> meta store. 
> In integration test, the configuration contains value for 
> "hive.metastore.uris". Therefore integration tests pass. 
> We need to check Hive configuration to avoid connecting to local meta store. 
> And remove the value for "hive.metastore.uris" in integration test, so its 
> behavior is the same as real cluster deployment.
> TestHDFSIntegrationBase.startSentry() `properties.put("hive.metastore.uris", 
> "thrift://localhost:" + hmsPort);` is introduced in SENTRY-1429, SENTRY-1454, 
> and SENTRY-1456



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to