Have you created the metastore mysql tables for authorization? Can u do a show grant?
thanks yongqiang On Tue, Aug 16, 2011 at 2:55 PM, Alex Holmes <grep.a...@gmail.com> wrote: > Hi all, > > I've been struggling with getting Hive authorization to work for a few > hours, and I really hope someone can help me. I installed Hive 0.7.1 > on top of Hadoop 0.20.203. I'm using mysql for the metastore, and > configured Hive to enable authorization: > > <property> > <name>hive.security.authorization.enabled</name> > <value>true</value> > <description>enable or disable the hive client authorization</description> > </property> > > I kept all the other Hive security configs with their default settings. > > I'm running in pseudo-distributed mode on a single node. HDFS, the Hive > metastore and the Hive CLI are all running as the same user (the HDFS > superuser). Here are the sequence of steps that are causing me issues. > Without authorization everything works perfectly (creating, loading, > selecting). > I've also tried creating and loading the table without authorization, granting > the select privilege at various levels (global, table, database), turning on > auth and performing the select, resulting in the same exception. > > Any help with this would be greatly appreciated! > > Thanks, > Alex > > -- > > [hduser@aholmes-desktop ~]$ hive > Hive history file=/tmp/hduser/hive_job_log_hduser_201108162158_1976573160.txt > hive> set hive.security.authorization.enabled=false; > hive> grant all to user hduser; > OK > Time taken: 0.233 seconds > hive> set hive.security.authorization.enabled=true; > hive> CREATE TABLE pokes3 (foo INT, bar STRING); > FAILED: Hive Internal Error: > org.apache.hadoop.hive.ql.metadata.HiveException(org.apache.thrift.TApplicationException: > get_privilege_set failed: unknown result) > org.apache.hadoop.hive.ql.metadata.HiveException: > org.apache.thrift.TApplicationException: get_privilege_set failed: > unknown result > at > org.apache.hadoop.hive.ql.metadata.Hive.get_privilege_set(Hive.java:1617) > at > org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider.authorizeUserPriv(DefaultHiveAuthorizationProvider.java:201) > at > org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider.authorizeUserAndDBPriv(DefaultHiveAuthorizationProvider.java:226) > at > org.apache.hadoop.hive.ql.security.authorization.DefaultHiveAuthorizationProvider.authorize(DefaultHiveAuthorizationProvider.java:89) > at org.apache.hadoop.hive.ql.Driver.doAuthorization(Driver.java:433) > at org.apache.hadoop.hive.ql.Driver.compile(Driver.java:393) > at org.apache.hadoop.hive.ql.Driver.run(Driver.java:736) > at org.apache.hadoop.hive.cli.CliDriver.processCmd(CliDriver.java:164) > at org.apache.hadoop.hive.cli.CliDriver.processLine(CliDriver.java:241) > at org.apache.hadoop.hive.cli.CliDriver.main(CliDriver.java:456) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.hadoop.util.RunJar.main(RunJar.java:156) > Caused by: org.apache.thrift.TApplicationException: get_privilege_set > failed: unknown result > at > org.apache.hadoop.hive.metastore.api.ThriftHiveMetastore$Client.recv_get_privilege_set(ThriftHiveMetastore.java:2414) > at > org.apache.hadoop.hive.metastore.api.ThriftHiveMetastore$Client.get_privilege_set(ThriftHiveMetastore.java:2379) > at > org.apache.hadoop.hive.metastore.HiveMetaStoreClient.get_privilege_set(HiveMetaStoreClient.java:1042) > at > org.apache.hadoop.hive.ql.metadata.Hive.get_privilege_set(Hive.java:1615) > ... 14 more >
