Hive
  1. Hive
  2. HIVE-3277

Enable Metastore audit logging for non-secure connections

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.10.0
    • Fix Version/s: 0.10.0
    • Component/s: Logging, Metastore, Security
    • Labels:
      None
    1. HIVE-3277.patch.2
      1 kB
      Sean Mackrory
    2. HIVE-3277.patch.1
      1 kB
      Sean Mackrory

      Issue Links

        Activity

        Hide
        Carl Steinbach added a comment -

        Audit logging for the metastore was added in HIVE-1948, but it only gets invoked if the client connection is secure. We should also enable this for non-secure connections.

        Show
        Carl Steinbach added a comment - Audit logging for the metastore was added in HIVE-1948 , but it only gets invoked if the client connection is secure. We should also enable this for non-secure connections.
        Hide
        Harsh J added a comment -

        Hi Carl,

        We do get some audit logging in unsecure mode but it lacks info I think. Isn't this done already via HIVE-2797?

        Show
        Harsh J added a comment - Hi Carl, We do get some audit logging in unsecure mode but it lacks info I think. Isn't this done already via HIVE-2797 ?
        Hide
        Sean Mackrory added a comment -

        This patch uses the alternative method of determining the IP address in the event that there is no SASL connection. I've tested this out on a pseudo-distributed Hadoop cluster and audit logging worked.

        Show
        Sean Mackrory added a comment - This patch uses the alternative method of determining the IP address in the event that there is no SASL connection. I've tested this out on a pseudo-distributed Hadoop cluster and audit logging worked.
        Hide
        Sean Mackrory added a comment -

        My apologies - original patch was malformed.

        Show
        Sean Mackrory added a comment - My apologies - original patch was malformed.
        Hide
        Sean Mackrory added a comment -
        Show
        Sean Mackrory added a comment - Code review: https://reviews.apache.org/r/7236/
        Hide
        Sean Mackrory added a comment -

        Second patch fixes a code style issue

        Show
        Sean Mackrory added a comment - Second patch fixes a code style issue
        Hide
        Carl Steinbach added a comment -

        +1. Will commit if tests pass.

        Show
        Carl Steinbach added a comment - +1. Will commit if tests pass.
        Hide
        Hudson added a comment -

        Integrated in Hive-trunk-h0.21 #1697 (See https://builds.apache.org/job/Hive-trunk-h0.21/1697/)
        HIVE-3277. Enable Metastore audit logging for non-secure connections (Sean Mackrory via cws) (Revision 1390155)

        Result = FAILURE
        cws : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1390155
        Files :

        • /hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
        Show
        Hudson added a comment - Integrated in Hive-trunk-h0.21 #1697 (See https://builds.apache.org/job/Hive-trunk-h0.21/1697/ ) HIVE-3277 . Enable Metastore audit logging for non-secure connections (Sean Mackrory via cws) (Revision 1390155) Result = FAILURE cws : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1390155 Files : /hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
        Hide
        Carl Steinbach added a comment -

        @Sean: Thanks for marking this resolved.

        Show
        Carl Steinbach added a comment - @Sean: Thanks for marking this resolved.
        Hide
        Hudson added a comment -

        Integrated in Hive-trunk-hadoop2 #54 (See https://builds.apache.org/job/Hive-trunk-hadoop2/54/)
        HIVE-3277. Enable Metastore audit logging for non-secure connections (Sean Mackrory via cws) (Revision 1390155)

        Result = ABORTED
        cws : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1390155
        Files :

        • /hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
        Show
        Hudson added a comment - Integrated in Hive-trunk-hadoop2 #54 (See https://builds.apache.org/job/Hive-trunk-hadoop2/54/ ) HIVE-3277 . Enable Metastore audit logging for non-secure connections (Sean Mackrory via cws) (Revision 1390155) Result = ABORTED cws : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1390155 Files : /hive/trunk/metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java

          People

          • Assignee:
            Sean Mackrory
            Reporter:
            Carl Steinbach
          • Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development