Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Won't Do
-
2.1.0
-
None
-
None
-
Hive Version: 3.1.2
Ranger: 2.1
os: centos
Description
When I create a table on AWS EMR 6.2 which shows the following error message.
But eventually create success.
Although does not affect the use but I really want to know why.
2021-02-24T06:14:41,059 ERROR [925310d9-d40a-437a-af54-eeec38b2c8d5 HiveServer2-Handler-Pool: Thread-103([])]: client.RangerAdminRESTClient (RangerAdminRESTClient.java:getUserRoles(434)) - getUserRoles() failed: HTTP status=401, message=Authentication Failed, isSecure=false
2021-02-24T06:14:41,078 ERROR [925310d9-d40a-437a-af54-eeec38b2c8d5 HiveServer2-Handler-Pool: Thread-103([])]: authorizer.RangerHiveAuthorizer (RangerHiveAuthorizer.java:initUserRoles(322)) - Error while fetching roles from ranger for user : hadoop
org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException: org.apache.hadoop.security.AccessControlException: Permission denied.
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.getCurrentRoleNamesFromRanger(RangerHiveAuthorizer.java:365) ~[ranger-hive-plugin-2.1.0.jar:2.1.0]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.initUserRoles(RangerHiveAuthorizer.java:320) [ranger-hive-plugin-2.1.0.jar:2.1.0]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.getCurrentRoles(RangerHiveAuthorizer.java:329) [ranger-hive-plugin-2.1.0.jar:2.1.0]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.checkPrivileges(RangerHiveAuthorizer.java:785) [ranger-hive-plugin-2.1.0.jar:2.1.0]
at org.apache.hadoop.hive.ql.Driver.doAuthorizationV2(Driver.java:1307) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.Driver.doAuthorization(Driver.java:1071) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.Driver.compile(Driver.java:698) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.Driver.compileInternal(Driver.java:1826) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.Driver.compileAndRespond(Driver.java:1773) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.Driver.compileAndRespond(Driver.java:1768) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hadoop.hive.ql.reexec.ReExecDriver.compileAndRespond(ReExecDriver.java:126) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:197) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.operation.SQLOperation.runInternal(SQLOperation.java:260) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.operation.Operation.run(Operation.java:247) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementInternal(HiveSessionImpl.java:541) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatement(HiveSessionImpl.java:516) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_272]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_272]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_272]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_272]
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:78) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.session.HiveSessionProxy.access$000(HiveSessionProxy.java:36) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.session.HiveSessionProxy$1.run(HiveSessionProxy.java:63) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at java.security.AccessController.doPrivileged(Native Method) [?:1.8.0_272]
at javax.security.auth.Subject.doAs(Subject.java:422) [?:1.8.0_272]
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1730) [hadoop-common-3.2.1-amzn-2.jar:?]
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:59) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at com.sun.proxy.$Proxy68.executeStatement(Unknown Source) [?:?]
at org.apache.hive.service.cli.CLIService.executeStatement(CLIService.java:282) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.cli.thrift.ThriftCLIService.ExecuteStatement(ThriftCLIService.java:563) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1557) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1542) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.hive.service.auth.TSetIpAddressProcessor.process(TSetIpAddressProcessor.java:56) [hive-service-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286) [hive-exec-3.1.2-amzn-3.jar:3.1.2-amzn-3]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_272]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_272]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_272]
Caused by: org.apache.hadoop.security.AccessControlException: Permission denied.
at org.apache.ranger.admin.client.RangerAdminRESTClient.getUserRoles(RangerAdminRESTClient.java:437) ~[?:?]
at org.apache.ranger.plugin.service.RangerBasePlugin.getUserRoles(RangerBasePlugin.java:489) ~[?:?]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.getCurrentRoleNamesFromRanger(RangerHiveAuthorizer.java:351) ~[?:?]
... 38 more