Cloudera Sentry compatibility

Showing 1-5 of 5 messages
Cloudera Sentry compatibility sachin...@gmail.com 8/26/13 2:04 AM
Hi,

I just wanted a clarification whether Sentry will work with CDH 4.2.1 or the minimum requirement is CDH 4.3.0.


Thanks a lot!
Sachin
Re: Cloudera Sentry compatibility Sanjay Subramanian 8/26/13 7:41 PM
Per doc here , its 4.3.0 or higher

I have got Sentry working alongside Hive with OpenLDAP server
But I am still struggling with the roles and privileges

any luck on your side ?

sanjay 
Re: Cloudera Sentry compatibility Shreepadma Venugopalan 8/27/13 12:04 PM
Hi Sachin,

Sentry requires at a minimum CDH4.3. Let me know if you have other Sentry questions.

Thanks.
Shreepadma


--
 
---
You received this message because you are subscribed to the Google Groups "CDH Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cdh-user+u...@cloudera.org.
For more options, visit https://groups.google.com/a/cloudera.org/groups/opt_out.

Re: Cloudera Sentry compatibility Shreepadma Venugopalan 8/27/13 12:05 PM
Hi Sanjay,

What is the specific problem you are running into with Sentry roles and privileges?

Shreepadma


--
 
---
You received this message because you are subscribed to the Google Groups "CDH Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cdh-user+u...@cloudera.org.
For more options, visit https://groups.google.com/a/cloudera.org/groups/opt_out.

Re: Cloudera Sentry compatibility Sanjay Subramanian 8/27/13 1:33 PM
I am not able to get the ROLES and AUTHORIZATION to cowk using Sentry 

Example 
-------------
Admin user creates a table

I have created a user called hiveuser1 that has only SELECT permission for one table

I find that hiveuser1 can login using beeline and drop the table 

Here are my config files

/etc/sentry/default.ini 
[roles]
sas_role = server=dev-thdp5.corp.nextag.com->db=default,table=keyword_impressions_log->action=select
admin_role = server=dev-thdp5.corp.nextag.com

/etc/sentry/sentry-provider.ini 
[databases]
default = file:////etc/sentry/default.ini

[groups]
sas_group = sas_role

[users]
hiveuser1 = sas_group

[roles]
sas_role = server=dev-thdp5.corp.nextag.com->db=default,table=keyword_impressions_log->action=select
admin_role = server=dev-thdp5.corp.nextag.com


/etc/sentry/sentry-site.xml 
<configuration>
    <property>
       <name>hive.sentry.provider</name>
       <value>org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider</value>
   </property>
   <property>
      <name>hive.sentry.provider.resource</name>
      <value>file:////etc/sentry/sentry-provider.ini</value>
   </property>
   <property>
      <name>hive.sentry.server</name>
      <value>dev-thdp5.corp.nextag.com</value>
      </property>
   </configuration>