[英]Configure Sentry to show/hide different databases for different users
I have a cluster running with cdh-5.7.0 and configured the following setup 我有一个运行cdh-5.7.0的群集,并配置了以下设置
My goal is to restrict users to see which databases exist in my system. 我的目标是限制用户查看我的系统中存在哪些数据库。 Eg: 例如:
show databases
User-A在执行show databases
时仅应看到数据库DB-A show databases
用户B在执行show databases
时仅应看到数据库DB-B I followed the article https://blog.cloudera.com/blog/2013/12/how-to-get-started-with-sentry-in-hive/ to make that happen. 我遵循了这篇文章https://blog.cloudera.com/blog/2013/12/how-to-get-start-with-sentry-in-hive/来实现这一目标。 But without success. 但是没有成功。 What I achieved was that 我实现的是
But both can still see DB-A and DB-B when executing show databases
. 但是在执行show databases
时,两者仍然仍然可以看到DB-A和DB-B。 But i want to avoid this. 但我想避免这种情况。
Any hints from you how the rules or the setup could looks like to get that running? 您是否有任何提示提示规则或设置可能如何运行?
Thanks Marko 谢谢马尔科
According your description and from what I've learned from existing setups, in case of Sentry v1.6+ you need to add the following property to your hive-site.xml
: 根据您的描述以及从现有设置中学到的知识,对于Sentry v1.6 +,您需要将以下属性添加到hive-site.xml
:
<property>
<name>hive.metastore.filter.hook</name>
<value>org.apache.sentry.binding.metastore.SentryMetaStoreFilterHook</value>
</property>
Even if you are on CDH 5.7, the MapR 5 documentation is providing some context. 即使您使用的是CDH 5.7, MapR 5文档也提供了一些上下文。 As well Sentry Service Interactions . 以及哨兵服务互动 。
After re-starting the Hive service you should be able to see the result which you are expecting. 重新启动Hive服务后,您应该可以看到预期的结果。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.