IMPALA-5006 [DOCS] Remove chunks of Cloudera-specific content

from the Impala Security Guide. The scope of this gerrit is dealing with chunks of CM content still remaining in the security guide. Some of work on the SSL, LDAP and Sentry topics was done by John in a separate gerrit. Change-Id: I65a2aa96d7d45f6c1b348105727ddb5c4a6be6d2 Reviewed-on: http://gerrit.cloudera.org:8080/6231 Reviewed-by: John Russell <jrussell@cloudera.com> Tested-by: Impala Public Jenkins
2025-12-19 18:12:08 -05:00 · 2017-03-02 13:22:41 -08:00
parent 13837262b7
commit c6673634bb
4 changed files with 5 additions and 81 deletions
--- a/docs/topics/impala_auditing.xml
+++ b/docs/topics/impala_auditing.xml
@@ -49,21 +49,15 @@ under the License.
        in your <cmdname>impalad</cmdname> startup options.
        The log directory must be a local directory on the
        server, not an HDFS directory.
        <p audience="hidden">
 	  For a cluster managed by Cloudera Manager, see
          <xref
          href="cn_iu_audit_log.xml#xd_583c10bfdbd326ba--6eed2fb8-14349d04bee--7d6f/section_v25_lmy_bn"/>.
        </p>
      </li>
      <li>
        Decide how many queries will be represented in each log file. By default,
        Impala starts a new log file every 5000 queries. To specify a different number, <ph
-          audience="standalone">include
+        audience="standalone">include
        the option <codeph>-max_audit_event_log_file_size=<varname>number_of_queries</varname></codeph>
        in the <cmdname>impalad</cmdname> startup options</ph>
-        <xref href="cn_iu_audit_log.xml#xd_583c10bfdbd326ba--6eed2fb8-14349d04bee--7d6f/section_v25_lmy_bn" audience="integrated">
+        <xref href="cn_iu_audit_log.xml#xd_583c10bfdbd326ba--6eed2fb8-14349d04bee--7d6f/section_v25_lmy_bn" audience="integrated">configure Impala Daemon logging in Cloudera Manager</xref>.
        configure Impala Daemon logging in Cloudera Manager</xref>.
      </li>
      <li> 
@@ -71,13 +65,6 @@ under the License.
        and produce reports based on the audit logs collected
        from all the hosts in the cluster. 
      </li>
      <li audience="hidden">
        Use Cloudera Navigator or Cloudera Manager to filter, visualize, and produce reports based on the audit
        data. (The Impala auditing feature works with Cloudera Manager 4.7 to 5.1 and Cloudera Navigator 2.1 and
        higher.) Check the audit data to ensure that all activity is authorized and detect attempts at
        unauthorized access.
      </li>
    </ul>
    <p outputclass="toc inpage"/>
@@ -275,25 +262,4 @@ Here is an excerpt from a sample audit log file:
      </p>
    </conbody>
  </concept>
  <concept id="auditing_reviewing" audience="hidden">
    <title>Reviewing the Audit Logs</title>
  <prolog>
    <metadata>
      <data name="Category" value="Logs"/>
    </metadata>
  </prolog>
    <conbody>
      <p>
        You typically do not review the audit logs in raw form. The Cloudera Manager Agent periodically transfers
        the log information into a back-end database where it can be examined in consolidated form. See
        <ph audience="standalone">the <xref href="http://www.cloudera.com/content/cloudera-content/cloudera-docs/Navigator/latest/Cloudera-Navigator-Installation-and-User-Guide/Cloudera-Navigator-Installation-and-User-Guide.html"
            scope="external" format="html">Cloudera Navigator documentation</xref> for details</ph>
            <xref href="cn_iu_audits.xml#cn_topic_7" audience="integrated" />.
      </p>
    </conbody>
  </concept>
 </concept>
--- a/docs/topics/impala_kerberos.xml
+++ b/docs/topics/impala_kerberos.xml
@@ -48,15 +48,6 @@ under the License.
      <cmdname>impalad</cmdname> or <cmdname>statestored</cmdname>.
    </p>
    <p audience="hidden">
      For more information on enabling Kerberos authentication, see the
      topic on Configuring Hadoop Security in the
      <xref href="http://www.cloudera.com/documentation/enterprise/latest/topics/cdh_sg_cdh5_hadoop_security.html" scope="external" format="html">CDH 5 Security Guide</xref>.
      When using Impala in a managed environment, Cloudera Manager automatically completes Kerberos configuration.
      <ph rev="upstream">Cloudera</ph> recommends using a consistent format, such as
      <codeph>impala/_HOST@Your-Realm</codeph>, but you can use any three-part Kerberos server principal.
    </p>
    <note conref="../shared/impala_common.xml#common/authentication_vs_authorization"/>
    <p>
@@ -107,29 +98,6 @@ under the License.
        name of the <codeph>keytab</codeph> file containing the credentials for the principal.
      </p>
      <p audience="hidden">
        Impala supports the Cloudera ODBC driver and the Kerberos interface provided. To use Kerberos through the
        ODBC driver, the host type must be set depending on the level of the ODBC driver:
      </p>
      <ul audience="hidden">
        <li>
          <codeph>SecImpala</codeph> for the ODBC 1.0 driver.
        </li>
        <li>
          <codeph>SecBeeswax</codeph> for the ODBC 1.2 driver.
        </li>
        <li>
          Blank for the ODBC 2.0 driver or higher, when connecting to a secure cluster.
        </li>
        <li>
          <codeph>HS2NoSasl</codeph> for the ODBC 2.0 driver or higher, when connecting to a non-secure cluster.
        </li>
      </ul>
      <p>
        To enable Kerberos in the Impala shell, start the <cmdname>impala-shell</cmdname> command using the
        <codeph>-k</codeph> flag.
--- a/docs/topics/impala_lineage.xml
+++ b/docs/topics/impala_lineage.xml
@@ -56,13 +56,6 @@ under the License.
      not tampered with.
    </p>
    <p audience="hidden">
      You interact with this feature through <term>lineage diagrams</term> showing relationships between tables and
      columns. For instructions about interpreting lineage diagrams, see
      <xref audience="integrated" href="cn_iu_lineage.xml" />
      <xref audience="standalone" href="http://www.cloudera.com/documentation/enterprise/latest/topics/cn_iu_lineage.html" scope="external" format="html"/>.
    </p>
    <section id="column_lineage">
      <title>Column Lineage</title>
@@ -119,10 +112,7 @@ under the License.
      <p>
        To enable or disable this feature, set or remove the <codeph>-lineage_event_log_dir</codeph>
-        configuration option for the <cmdname>impalad</cmdname> daemon. <ph audience="hidden">For
+        configuration option for the <cmdname>impalad</cmdname> daemon.
        information about turning the lineage feature on and off through Cloudera Manager, see
        <xref audience="integrated" href="datamgmt_impala_lineage_log.xml"/>
        <xref audience="standalone" href="http://www.cloudera.com/documentation/enterprise/latest/topics/datamgmt_impala_lineage_log.html" scope="external" format="html"/>.</ph>
      </p>
    </section>
--- a/docs/topics/impala_security_guidelines.xml
+++ b/docs/topics/impala_security_guidelines.xml
@@ -87,8 +87,8 @@ under the License.
      <p>
        The Impala authorization feature makes use of the HDFS file ownership and permissions mechanism; for
        background information, see the
-        <xref href="https://archive.cloudera.com/cdh/3/hadoop/hdfs_permissions_guide.html" scope="external" format="html">CDH
+        <xref href="https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/HdfsPermissionsGuide.html" scope="external" format="html">HDFS Permissions Guide</xref>.
-        HDFS Permissions Guide</xref>. Set up users and assign them to groups at the OS level, corresponding to the
+        Set up users and assign them to groups at the OS level, corresponding to the
        different categories of users with different access levels for various databases, tables, and HDFS
        locations (URIs). Create the associated Linux users using the <cmdname>useradd</cmdname> command if
        necessary, and add them to the appropriate groups with the <cmdname>usermod</cmdname> command.