Repository: ambari Updated Branches: refs/heads/branch-feature-AMBARI-18901 1b90011eb -> 548d4570a
AMBARI-19060. Update the HiveServer config values if Security Authorization chosen is None. Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/548d4570 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/548d4570 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/548d4570 Branch: refs/heads/branch-feature-AMBARI-18901 Commit: 548d4570a5e5661e3ee4a9a8f9db526a271ec522 Parents: 1b90011 Author: Swapan Shridhar <sshrid...@hortonworks.com> Authored: Thu Dec 1 16:46:31 2016 -0800 Committer: Swapan Shridhar <sshrid...@hortonworks.com> Committed: Thu Dec 1 16:46:31 2016 -0800 ---------------------------------------------------------------------- .../stacks/HDP/2.2/services/stack_advisor.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/548d4570/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py index 4854514..8187da8 100644 --- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py +++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py @@ -300,6 +300,7 @@ class HDP22StackAdvisor(HDP21StackAdvisor): putWebhcatSiteProperty = self.putProperty(configurations, "webhcat-site", services) putHiveSitePropertyAttribute = self.putPropertyAttribute(configurations, "hive-site") putHiveEnvPropertyAttributes = self.putPropertyAttribute(configurations, "hive-env") + putHiveServerPropertyAttributes = self.putPropertyAttribute(configurations, "hiveserver2-site") servicesList = [service["StackServices"]["service_name"] for service in services["services"]] # Storage @@ -520,7 +521,8 @@ class HDP22StackAdvisor(HDP21StackAdvisor): putHiveServerProperty("hive.security.authorization.enabled", "true") putHiveServerProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory") putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator") - putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.users.in.admin.role") + putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.security.metastore.authorization.manager," + "hive.security.metastore.authenticator.manager,hive.users.in.admin.role,hive.server2.xsrf.filter.enabled,hive.security.authorization.enabled") putHiveSiteProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory") if sqlstdauth_class not in auth_manager_values: auth_manager_values.append(sqlstdauth_class) @@ -536,7 +538,16 @@ class HDP22StackAdvisor(HDP21StackAdvisor): putHiveServerProperty("hive.security.authorization.enabled", "true") putHiveServerProperty("hive.security.authorization.manager", "com.xasecure.authorization.hive.authorizer.XaSecureHiveAuthorizerFactory") putHiveServerProperty("hive.security.authenticator.manager", "org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator") - putHiveServerProperty("hive.conf.restricted.list", "hive.security.authorization.enabled,hive.security.authorization.manager,hive.security.authenticator.manager") + putHiveServerProperty("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.security.metastore.authorization.manager," + "hive.security.metastore.authenticator.manager,hive.users.in.admin.role,hive.server2.xsrf.filter.enabled,hive.security.authorization.enabled") + + # hive_security_authorization == 'None' + if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower() == "None": + putHiveSiteProperty("hive.server2.enable.doAs", "true") + putHiveServerProperty("hive.security.authorization.enabled", "false") + putHiveServerPropertyAttributes("hive.security.authorization.manager", 'delete', 'true') + putHiveServerPropertyAttributes("hive.security.authenticator.manager", 'delete', 'true') + putHiveServerPropertyAttributes("hive.conf.restricted.list", 'delete', 'true') putHiveSiteProperty("hive.server2.use.SSL", "false")