Reply
Contributor
Posts: 48
Registered: ‎09-20-2017
Accepted Solution

user hive/host1 is not allowed to impersonate sentry/host2

Hello,

 

In my kerberized and Sentry-protected CDH, I started getting the following errors on hive metastore:

 

Caused by: org.apache.hadoop.security.authorize.AuthorizationException: 
User: hive/master.hadoop.local@HADOOP.LOCAL is not allowed to 
impersonate sentry/worker1.hadoop.local@HADOOP.LOCAL

In core-site.xml I have:

 

hadoop.proxyuser.hive.groups=*
hadoop.proxyuser.hive.users=*

The error started after I was playing around with LDAP integration, though I rollback my configurations to the previous no-LDAP state. I am trying to figure out what I missed.

Highlighted
Contributor
Posts: 48
Registered: ‎09-20-2017

Re: user hive/host1 is not allowed to impersonate sentry/host2

core-site.xml had empty values not *.

 

No issue.

Announcements