[jira] [Commented] (HIVE-11029) hadoop.proxyuser.mapr.groups does not work to restrict the groups that can be impersonated

[Hive QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HIVE-11029?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14591188#comment-14591188
 ] 

Hive QA commented on HIVE-11029:
--------------------------------



{color:red}Overall{color}: -1 at least one tests failed

Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12740219/HIVE-11029.patch

{color:red}ERROR:{color} -1 due to 1 failed/errored test(s), 9007 tests executed
*Failed tests:*
{noformat}
TestCustomAuthentication - did not produce a TEST-*.xml file
{noformat}

Test results: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/4294/testReport
Console output: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/4294/console
Test logs: 
http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-4294/

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
Tests exited with: TestsFailedException: 1 tests failed
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12740219 - PreCommit-HIVE-TRUNK-Build

> hadoop.proxyuser.mapr.groups does not work to restrict the groups that can be 
> impersonated
> ------------------------------------------------------------------------------------------
>
>                 Key: HIVE-11029
>                 URL: https://issues.apache.org/jira/browse/HIVE-11029
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 0.13.0, 0.14.0, 1.0.0, 1.2.0
>            Reporter: Na Yang
>            Assignee: Na Yang
>         Attachments: HIVE-11029.patch
>
>
> In the core-site.xml, the hadoop.proxyuser.<user>.groups specifies the user 
> groups which can be impersonated by the HS2 <user>. However, this does not 
> work properly in Hive. 
> In my core-site.xml, I have the following configs:
> <property>
>   <name>hadoop.proxyuser.mapr.hosts</name>
>   <value>*</value>
> </property>
> <property>
>   <name>hadoop.proxyuser.mapr.groups</name>
>   <value>root</value>
> </property>
> I would expect with this configuration that 'mapr' can impersonate only 
> members of the Unix group 'root'. However if I submit a query as user 'jon' 
> the query is running as user 'jon' even though 'mapr' should not be able to 
> impersonate this user. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)