hive-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thejas Nair <thejas.n...@gmail.com>
Subject Re: "show databases" doesn't return all databases with Kerberos/Sentry enabled
Date Wed, 13 May 2015 19:39:18 GMT
Hi Liping,
As Szehon said, the sentry mailing list is likely to be able to help
you with this.

Please note that the security@hive.apache.org is meant to be used to
report security vulnerabilities, it is not the right place for
questions on features .

Thanks,
Thejas


On Wed, May 13, 2015 at 12:05 PM, Szehon Ho <szehon@cloudera.com> wrote:
> Hi Liping
>
> Do you want to check the Sentry mailing list as well?  They might know more
> about this scenario.
>
> Thanks
> Szehon
>
> On Wed, May 13, 2015 at 10:18 AM, Liping Zhang <zlpmichelle@gmail.com>
> wrote:
>>
>> Dear all,
>>
>> I installed CDH, kerberos, sentry to enable security for hive beeline. I
>> did following commands:
>>
>> # kinit -k -t hive.keytab
>> hive/ip-172-31-9-84.us-west-2.compute.internal@HADOOP.COM
>>
>> # beeline -u
>> "jdbc:hive2://ip-172-31-9-84.us-west-2.compute.internal:10000/default;principal=hive/ip-172-31-9-84.us-west-2.compute.interna@HADOOP.COM"
>>
>>
>> and in beeline CLI:
>> # show databases
>> # show tables
>> these 2 "show" commands did work well and return all the databases and
>> tables we had.
>>
>> However, after I changed some configuration and restart hive,  and rerun
>> above commands with "hive" user, it was  strange that in beeline CLI, "show
>> databases" and "show tables" didn't return all the databases and tables we
>> had, instead, they only returned one "default" database, and no tables
>> returned.
>>
>> The configuration change I remembered included:
>> Adding:
>>
>> <property>
>>     <name>hive.server2.authentication</name>
>>     <value>KERBEROS</value>
>> </property>
>> To Hive Client Configuration Safety Valve for hive-site.xml (Gateway
>> service in CM) properly modified the hive-site.xml for Hue Server.
>>
>>
>> The commands in beeline I remembered after restarting hive, and before
>> running "show databases" and "show tables" was:
>> # create role role1;
>> # show roles;
>> # show current roles;
>>
>> after that, the "hive" user in beeline could only return "default"
>> database with no tables for "show databases" and "show tables" command.
>>
>>
>> And I checked /user/hive/warehouse dir, all the databases and tables files
>> did existed.
>>
>>
>> Did anyone met this kind of issue before? Any comments and discussion are
>> highly appreciated!
>>
>>
>> --
>> Cheers,
>> -----
>> Big Data - Big Wisdom - Big Value
>> --------------
>> Michelle Zhang (Liping Zhang)
>
>

Mime
View raw message