Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Hive view raise Failed to execute statement: show databases like '*'

jorge_alonso_ga
Explorer

Created ‎05-08-2018 09:45 AM

Hi,

We have just deploy a new HDP 2.6 cluster with kerberos and ranger enable and have problemas with security setup.

It has been created a new policy on ranger allowing access to a hive database (for all tables and columns) and assigned to a user.

When logging on ambari-views (Hive View 2.0) no show any database and raise the following error:

Failed to execute statement: show databases like '*'
org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [xxxxxxxxxx] does not have [USE] privilege on [Unknown resource!!]

org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [xxxxxxxxxxxxxx] does not have [USE] privilege on [Unknown resource!!]
	at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:264)
	at org.apache.hive.jdbc.Utils.verifySuccessWithInfo(Utils.java:250)
	at org.apache.hive.jdbc.HiveStatement.runAsyncOnServer(HiveStatement.java:309)
	at org.apache.hive.jdbc.HiveStatement.execute(HiveStatement.java:250)
	at org.apache.ambari.view.hive20.HiveJdbcConnectionDelegate.execute(HiveJdbcConnectionDelegate.java:49)
	at org.apache.ambari.view.hive20.actor.StatementExecutor.runStatement(StatementExecutor.java:91)
	at org.apache.ambari.view.hive20.actor.StatementExecutor.handleMessage(StatementExecutor.java:72)
	at org.apache.ambari.view.hive20.actor.HiveActor.onReceive(HiveActor.java:38)
	at akka.actor.UntypedActor$anonfun$receive$1.applyOrElse(UntypedActor.scala:167)
	at akka.actor.Actor$class.aroundReceive(Actor.scala:467)
	at akka.actor.UntypedActor.aroundReceive(UntypedActor.scala:97)
	at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516)
	at akka.actor.ActorCell.invoke(ActorCell.scala:487)
	at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:238)
	at akka.dispatch.Mailbox.run(Mailbox.scala:220)
	at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(AbstractDispatcher.scala:397)
	at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
	at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
	at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
	at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)

Is is missing another privilegies ??

Regards

1,566 Views
0 Kudos
4 REPLIES 4

jsensharma
Super Mentor

Created ‎05-08-2018 10:34 AM

@Jorge Alonso

As you have recently enabled Ranger Policy so can you please check if you have the Hive Ranger Plugin is enabled properly or not?

Better to disable the hive ranger plugin and then enable it back from ambari UI and then try again.

1,071 Views
0 Kudos

jorge_alonso_ga
Explorer

Created ‎05-08-2018 11:35 AM

The Hive ranger plugin was enables, I had disabled (restart hive), enable again but the issue persists

1,071 Views
0 Kudos

bhanu_pamu
Explorer

Created ‎05-08-2018 01:13 PM

@Jorge Alonso - Please go to Ranger - Service Manager - Hive you should see the clustername_hive tab.

Click on it , you will find 4 policies in Ranger by default.

Check the policy related to - all database, udf - grant access to your user/hive user.

Let me know how it goes.

1,071 Views
0 Kudos

jorge_alonso_ga
Explorer

Created ‎05-08-2018 04:39 PM

Hi @Bhanu Pamu

, I'd grant access my to policy "all database, udf" but raise the same error

Any idea?

Thanks

1,071 Views
0 Kudos
Take a Tour of the Community
Don't have an account?
Register
Your experience may be limited. Sign in to explore more.
Announcements
Community Announcements
March 2023 Community Highlights
What's New @ Cloudera
Cloudera DataFlow Designer for self-service data flow development is now generally available to all CDP Public Cloud customers
What's New @ Cloudera
Cloudera Operational Database (COD) UI provides the JWT configuration details to connect to your HBase client
What's New @ Cloudera
Cloudera Operational Database (COD) UI allows storage type selection when creating an operational database
What's New @ Cloudera
Release of Cloudera Streaming Analytics (CSA) 1.9.0 for CDP 7.1.7 SP2 & CDP 7.1.8
View More Announcements