Here some extra info on my efforts so far:
1)I log in with the hdfs usr in hue. The hadoop group (/etc/group) consists of users hdfs/mapred/yarn. There is also a group hdfs.
2) I have created a sentry-provider.ini file as decribed in https://www.cloudera.com/documentation/enterprise/latest/topics/cdh_sg_sentry.html#concept_iw1_5dp_w...
As my goal is to just give access rights to everything for the hdfs user, the file looks like this:
[groups]
# Assigns each Hadoop group to its set of roles
hadoop = admin_role
hdfs = admin_role
[roles]
# Implies everything on server1.
admin_role = server=server1
3) I put the file in the directory that corresponds to the parameter Sentry Global Policy File in the hive configuration (/user/hive/sentry/sentry-provider.ini on hdfs) and restarted the cluster.
4) In the hive configuration, the sentry parameters are as follows: Sentry Service = none / Enable Sentry Authorization using Policy Files: checked. Is this correct? These 2 configurations seem mutually exclusive: I can not enable them both. It seems I need to provide the .ini file to define my roles so this seems the more important parameter that I enabled.
5) I restarted the whole cluster.
WHen I try again accessing a table in hue through hive or impala, I get errors related to priviliges. Does anyone know what I am missing??
Further I notice one should set grants through Hive QL as described here : https://www.cloudera.com/documentation/enterprise/5-5-x/topics/sg_hive_sql.html . Currently I have no roles. Is this maybe the reason why I only see the default db and not all databases when I execute 'SHOW DATABASES' ?
Thanks!!
