diff --git a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index 6c7adbd..5b93caf 100644 --- a/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ b/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -75,6 +75,7 @@ private static final Map vars = new HashMap(); private static final Map metaConfs = new HashMap(); private final List restrictList = new ArrayList(); + private final List hiddenList = new ArrayList(); private Pattern modWhiteListPattern = null; private volatile boolean isSparkConfigUpdated = false; @@ -2093,6 +2094,9 @@ public void setSparkConfigUpdated(boolean isSparkConfigUpdated) { HIVE_CONF_RESTRICTED_LIST("hive.conf.restricted.list", "hive.security.authenticator.manager,hive.security.authorization.manager,hive.users.in.admin.role", "Comma separated list of configuration options which are immutable at runtime"), + HIVE_CONF_HIDDEN_LIST("hive.conf.hidden.list", + METASTOREPWD.varname + "," + HIVE_SERVER2_SSL_KEYSTORE_PASSWORD.varname, + "Comma separated list of configuration options which should not be read by normal user like passwords"), // If this is set all move tasks at the end of a multi-insert query will only begin once all // outputs are ready @@ -2627,6 +2631,10 @@ public void verifyAndSet(String name, String value) throws IllegalArgumentExcept } } + public boolean isHiddenConfig(String name) { + return hiddenList.contains(name); + } + /** * check whether spark related property is updated, which includes spark configurations, * RSC configurations and yarn configuration in Spark on YARN mode. @@ -2976,6 +2984,7 @@ private void initialize(Class cls) { // setup list of conf vars that are not allowed to change runtime setupRestrictList(); + setupHiddenList(); } @@ -3295,6 +3304,17 @@ private void setupRestrictList() { } restrictList.add(ConfVars.HIVE_IN_TEST.varname); restrictList.add(ConfVars.HIVE_CONF_RESTRICTED_LIST.varname); + restrictList.add(ConfVars.HIVE_CONF_HIDDEN_LIST.varname); + } + + private void setupHiddenList() { + String hiddenListStr = this.getVar(ConfVars.HIVE_CONF_HIDDEN_LIST); + hiddenList.clear(); + if (hiddenListStr != null) { + for (String entry : hiddenListStr.split(",")) { + hiddenList.add(entry.trim()); + } + } } public static boolean isLoadMetastoreConfig() { diff --git a/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java b/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java index 06a83ae..64d5a09 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/processors/SetProcessor.java @@ -63,6 +63,9 @@ private void dumpOptions(Properties p) { for (Object one : p.keySet()) { String oneProp = (String) one; String oneValue = p.getProperty(oneProp); + if (ss.getConf().isHiddenConfig(oneProp)) { + continue; + } sortedMap.put(oneProp, oneValue); } @@ -89,7 +92,9 @@ private void dumpOptions(Properties p) { private void dumpOption(String s) { SessionState ss = SessionState.get(); - if (ss.getConf().get(s) != null) { + if (ss.getConf().isHiddenConfig(s)) { + ss.out.println(s + " is hidden config"); + } else if (ss.getConf().get(s) != null) { ss.out.println(s + "=" + ss.getConf().get(s)); } else if (ss.getHiveVariables().containsKey(s)) { ss.out.println(s + "=" + ss.getHiveVariables().get(s));