AMBARI-19119. Fix hive-site.xml and hive-env.sh permissions for /etc/hive/conf (client) folder from 600 to 644.(vbrodetskyi)
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive.py
index 459105f..67138a4 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/hive.py
@@ -106,7 +106,9 @@
@OsFamilyFuncImpl(os_family=OsFamilyImpl.DEFAULT)
def hive(name=None):
import params
-
+ hive_client_conf_path = format("{stack_root}/current/{component_directory}/conf")
+ # Permissions 644 for conf dir (client) files, and 600 for conf.server
+ mode_identified = 0644 if params.hive_config_dir == hive_client_conf_path else 0600
if name == 'hiveserver2':
# copy tarball to HDFS feature not supported
if not (params.stack_version_formatted_major and check_stack_feature(StackFeature.COPY_TARBALL_TO_HDFS, params.stack_version_formatted_major)):
@@ -226,7 +228,7 @@
configuration_attributes=params.config['configuration_attributes']['hive-site'],
owner=params.hive_user,
group=params.user_group,
- mode=0600)
+ mode=mode_identified)
# Generate atlas-application.properties.xml file
if params.enable_atlas_hook:
@@ -254,7 +256,7 @@
File(format("{hive_config_dir}/hive-env.sh"),
owner=params.hive_user,
group=params.user_group,
- mode=0600,
+ mode=mode_identified,
content=InlineTemplate(params.hive_env_sh_template)
)
diff --git a/ambari-server/src/test/python/stacks/2.0.6/HIVE/test_hive_client.py b/ambari-server/src/test/python/stacks/2.0.6/HIVE/test_hive_client.py
index 1a7256f..265f040 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/HIVE/test_hive_client.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/HIVE/test_hive_client.py
@@ -75,7 +75,7 @@
self.assertResourceCalled('XmlConfig', 'hive-site.xml',
group = 'hadoop',
conf_dir = '/usr/hdp/current/hive-client/conf',
- mode = 0600,
+ mode = 0644,
configuration_attributes = self.getConfig()['configuration_attributes']['hive-site'],
owner = 'hive',
configurations = self.getConfig()['configurations']['hive-site'],
@@ -84,7 +84,7 @@
content = InlineTemplate(self.getConfig()['configurations']['hive-env']['content']),
owner = 'hive',
group = 'hadoop',
- mode = 0600,
+ mode = 0644,
)
self.assertResourceCalled('Directory', '/etc/security/limits.d',
owner = 'root',
@@ -155,7 +155,7 @@
self.assertResourceCalled('XmlConfig', 'hive-site.xml',
group = 'hadoop',
conf_dir = '/usr/hdp/current/hive-client/conf',
- mode = 0600,
+ mode = 0644,
configuration_attributes = self.getConfig()['configuration_attributes']['hive-site'],
owner = 'hive',
configurations = self.getConfig()['configurations']['hive-site'],
@@ -164,7 +164,7 @@
content = InlineTemplate(self.getConfig()['configurations']['hive-env']['content']),
owner = 'hive',
group = 'hadoop',
- mode = 0600,
+ mode = 0644,
)
self.assertResourceCalled('Directory', '/etc/security/limits.d',
owner = 'root',
