Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Ranger hdfs audit is showing wrong user

Labels (2)
avatar
author-rank sshimpi
Super Guru

Created on ‎11-19-2016 01:41 PM - edited ‎08-17-2019 07:57 AM

PROBLEM STATEMENT: We have a strange problem with ranger. When I do a "select * from <table>; "

I can see in ranger, on hive audit, that my user (dnid) is getting logged correctly. But when I look at the same situation on hdfs audit it shows that another user did the request. This Is to me very strange, I´ve tried with different users and the same problem happens again.

ERROR:

9634-img2.png

9636-img3.png

9637-img1.png

ROOT CAUSE: This is known issue and a BUG -

https://issues.apache.org/jira/browse/HIVE-13120

http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.4.2/bk_HDP_RelNotes/content/fixed_issues.html

BUG-53108HIVE-13120

RESOLUTION:

Changed the below property in hiveserver2 configs and restarted hiveserver2 after which the Ranger HDFS audit was showing user as hive in HDFS audit.

From:
"hive.server2.enable.doAs"=true

TO:
"hive.server2.enable.doAs"=false

undefined
470 Views
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements
Version history
Last update:
‎08-17-2019 07:57 AM
Updated by:
Super Guru
Contributors