Support Questions
- Cloudera Community
- Support
- Support Questions
- Ranger hive plugin error
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Ranger hive plugin error
- Labels:
-
Apache Hive
-
Apache Ranger
Created 05-19-2018 12:40 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Before installing Ranger i was able to query anything in Hive ok. After installing ranger, setting up solr/rangeraudit/rangeradmin /usersync/ranger-hive plugin and creating the Ranger-hive service in the UI and some Allow policies in the UI I am no longer able to query any hive tables.
When using hiveserver2 (ie beeline), I now receive this error (even though I have created allow policy for the user on * db, *tbl, *cols): Caused by: org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
If i click test the hive service in the admin UI I get this error:
Connection Failed.
Unable to retrieve any files using given parameters, You can still save the repository and start creating policies, but you would not be able to use autocomplete for resource names. Check ranger_admin.log for more info.
org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]..
Unable to execute SQL [show databases like "*"]..
Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*].
Permission denied: user [dvdsuauu] does not have [USE] privilege on [*].
In the ews admin logs I see:
ews logs
2018-05-19 03:09:17,331 [http-bio-6182-exec-125] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:232) - UserSession Updated to set new Permissions to User: rangerusersync
2018-05-19 03:09:17,332 [http-bio-6182-exec-125] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:184) - Login Success: loginId=rangerusersync, sessionId=2023, sessionId=BED0B2377A6E8B70707CD81D52F2E178, requestId=10.160.237.127, epoch=1526699357332
2018-05-19 03:09:17,386 [http-bio-6182-exec-125] INFO org.apache.ranger.biz.XUserMgr (XUserMgr.java:316) - Permission Updated for user: [tsdsuauu] For Module: [Resource Based Policies]
2018-05-19 03:09:17,388 [http-bio-6182-exec-125] INFO org.apache.ranger.biz.XUserMgr (XUserMgr.java:316) - Permission Updated for user: [tsdsuauu] For Module: [Reports]
2018-05-19 03:14:30,453 [http-bio-6182-exec-104] INFO org.apache.ranger.security.handler.RangerAuthenticationProvider (RangerAuthenticationProvider.java:147) - Authentication with SHA-256 failed. Now trying with MD5.
2018-05-19 03:14:30,454 [http-bio-6182-exec-104] INFO org.apache.ranger.security.listener.SpringEventListener (SpringEventListener.java:70) - Login Successful:admin | Ip Address:10.160.237.127 | sessionId=0F9E9D64CB89B07059BDC402C12E66B3 | Epoch=1526699670454
2018-05-19 03:14:30,455 [http-bio-6182-exec-104] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:429) - admin is a valid user
2018-05-19 03:14:30,694 [http-bio-6182-exec-104] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:232) - UserSession Updated to set new Permissions to User: admin
2018-05-19 03:14:30,694 [http-bio-6182-exec-104] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:184) - Login Success: loginId=admin, sessionId=2024, sessionId=0F9E9D64CB89B07059BDC402C12E66B3, requestId=10.160.237.127, epoch=1526699670694
2018-05-19 03:14:44,477 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:126) - Can't find keyTab Path : null
2018-05-19 03:14:44,477 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:130) - Can't find principal : null
2018-05-19 03:14:44,478 [timed-executor-pool-0] INFO org.apache.ranger.plugin.client.BaseClient (BaseClient.java:126) - Init Login: security not enabled, using username
2018-05-19 03:14:44,478 [timed-executor-pool-0] INFO apache.ranger.services.hive.client.HiveClient (HiveClient.java:93) - Since Password is NOT provided, Trying to use UnSecure client with username and password
2018-05-19 03:14:44,776 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveClient$3 (HiveClient.java:117) - <== HiveClient getDatabaseList() :Unable to get the Database List
org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:200)
at org.apache.ranger.services.hive.client.HiveClient.access$400(HiveClient.java:56)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:114)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:107)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:360)
at org.apache.ranger.services.hive.client.HiveClient.getDatabaseList(HiveClient.java:107)
at org.apache.ranger.services.hive.client.HiveClient.connectionTest(HiveClient.java:829)
at org.apache.ranger.services.hive.client.HiveResourceMgr.connectionTest(HiveResourceMgr.java:48)
at org.apache.ranger.services.hive.RangerServiceHive.validateConfig(RangerServiceHive.java:57)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:574)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:561)
at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:267)
at org.apache.hive.jdbc.Utils.verifySuccessWithInfo(Utils.java:253)
at org.apache.hive.jdbc.HiveStatement.runAsyncOnServer(HiveStatement.java:313)
at org.apache.hive.jdbc.HiveStatement.execute(HiveStatement.java:253)
at org.apache.hive.jdbc.HiveStatement.executeQuery(HiveStatement.java:476)
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:179)
... 16 more
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.service.cli.operation.Operation.toSQLException(Operation.java:380)
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:206)
at org.apache.hive.service.cli.operation.SQLOperation.runInternal(SQLOperation.java:290)
at org.apache.hive.service.cli.operation.Operation.run(Operation.java:320)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementInternal(HiveSessionImpl.java:530)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementAsync(HiveSessionImpl.java:517)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:78)
at org.apache.hive.service.cli.session.HiveSessionProxy.access$000(HiveSessionProxy.java:36)
at org.apache.hive.service.cli.session.HiveSessionProxy$1.run(HiveSessionProxy.java:63)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1698)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:59)
at com.sun.proxy.$Proxy31.executeStatementAsync(Unknown Source)
at org.apache.hive.service.cli.CLIService.executeStatementAsync(CLIService.java:310)
at org.apache.hive.service.cli.thrift.ThriftCLIService.ExecuteStatement(ThriftCLIService.java:530)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1437)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1422)
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
at org.apache.hive.service.auth.TSetIpAddressProcessor.process(TSetIpAddressProcessor.java:56)
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
... 3 more
Caused by: org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.checkPrivileges(RangerHiveAuthorizer.java:432)
at org.apache.hadoop.hive.ql.Driver.doAuthorizationV2(Driver.java:974)
at org.apache.hadoop.hive.ql.Driver.doAuthorization(Driver.java:761)
at org.apache.hadoop.hive.ql.Driver.compile(Driver.java:550)
at org.apache.hadoop.hive.ql.Driver.compileInternal(Driver.java:1317)
at org.apache.hadoop.hive.ql.Driver.compileAndRespond(Driver.java:1295)
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:204)
... 27 more
2018-05-19 03:14:44,780 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveResourceMgr (HiveResourceMgr.java:50) - <== HiveResourceMgr.connectionTest Error: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-19 03:14:44,780 [timed-executor-pool-0] ERROR org.apache.ranger.services.hive.RangerServiceHive (RangerServiceHive.java:59) - <== RangerServiceHive.validateConfig Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-19 03:14:44,780 [timed-executor-pool-0] ERROR org.apache.ranger.biz.ServiceMgr$TimedCallable (ServiceMgr.java:524) - TimedCallable.call: Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-19 03:14:44,780 [http-bio-6182-exec-133] ERROR org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:188) - ==> ServiceMgr.validateConfig Error:org.apache.ranger.plugin.client.HadoopException: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]. 2018-05-18 12:57:41,619 [http-bio-6182-exec-49] INFO org.apache.ranger.security.handler.RangerAuthenticationProvider (RangerAuthenticationProvider.java:147) - Authentication with SHA-256 failed. Now trying with MD5.
2018-05-18 12:57:41,623 [http-bio-6182-exec-49] INFO org.apache.ranger.security.listener.SpringEventListener (SpringEventListener.java:70) - Login Successful:admin | Ip Address:10.160.237.208 | sessionId=14321F7EB7D6CABDA7F65809B01253CB | Epoch=1526648261623
2018-05-18 12:57:41,628 [http-bio-6182-exec-49] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:429) - admin is a valid user
2018-05-18 12:57:41,759 [http-bio-6182-exec-54] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:232) - UserSession Updated to set new Permissions to User: admin
2018-05-18 12:57:41,759 [http-bio-6182-exec-54] INFO org.apache.ranger.biz.SessionMgr (SessionMgr.java:184) - Login Success: loginId=admin, sessionId=1225, sessionId=14321F7EB7D6CABDA7F65809B01253CB, requestId=10.160.237.208, epoch=1526648261759
2018-05-18 12:57:42,893 [http-bio-6182-exec-54] INFO org.apache.ranger.solr.SolrMgr (SolrMgr.java:168) - ==>SolrMgr.init()
2018-05-18 12:57:42,893 [http-bio-6182-exec-54] INFO org.apache.ranger.solr.SolrMgr (SolrMgr.java:177) - Loading SolrClient JAAS config from Ranger audit config if present...
2018-05-18 12:57:42,897 [http-bio-6182-exec-54] INFO org.apache.ranger.solr.SolrMgr (SolrMgr.java:182) - <==SolrMgr.init()
2018-05-18 12:57:42,916 [http-bio-6182-exec-54] INFO org.apache.ranger.service.RangerPluginActivityLogger (RangerPluginActivityLogger.java:46) - ranger.plugin.activity.audit.commit.inline = false
2018-05-18 12:57:42,916 [http-bio-6182-exec-54] INFO org.apache.ranger.service.RangerPluginActivityLogger (RangerPluginActivityLogger.java:50) - Will use separate thread for committing scheduled work
2018-05-18 13:18:04,809 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/hive-common-2.3.2.jar
2018-05-18 13:18:04,810 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/hive-exec-2.3.2.jar
2018-05-18 13:18:04,810 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/hive-metastore-2.3.2.jar
2018-05-18 13:18:04,811 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/hive-service-2.3.2.jar
2018-05-18 13:18:04,811 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/ranger-hive-plugin-1.0.0.jar
2018-05-18 13:18:04,811 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/hive-jdbc-2.3.2.jar
2018-05-18 13:18:04,811 [http-bio-6182-exec-56] WARN org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:369) - getFilesInDirectory('ranger-plugins/hive'): adding /usr/lib/apache-ranger-1.0.0/target/ranger-1.0.0-admin/ews/webapp/WEB-INF/classes/ranger-plugins/hive/232
2018-05-18 13:18:04,829 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:126) - Can't find keyTab Path : null
2018-05-18 13:18:04,829 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:130) - Can't find principal : null
2018-05-18 13:18:04,834 [timed-executor-pool-0] ERROR org.apache.ranger.plugin.util.PasswordUtils (PasswordUtils.java:147) - Unable to decrypt password due to error
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:936)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:847)
at com.sun.crypto.provider.PBES1Core.doFinal(PBES1Core.java:416)
at com.sun.crypto.provider.
Cipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316)
at javax.crypto.Cipher.doFinal(Cipher.java:2164)
at org.apache.ranger.plugin.util.PasswordUtils.decrypt(PasswordUtils.java:132)
at org.apache.ranger.plugin.util.PasswordUtils.decryptPassword(PasswordUtils.java:120)
at org.apache.ranger.plugin.client.BaseClient.login(BaseClient.java:109)
at org.apache.ranger.plugin.client.BaseClient.<init>(BaseClient.java:61)
at org.apache.ranger.plugin.client.BaseClient.<init>(BaseClient.java:53)
at org.apache.ranger.services.hive.client.HiveClient.<init>(HiveClient.java:76)
at org.apache.ranger.services.hive.client.HiveClient.connectionTest(HiveClient.java:827)
at org.apache.ranger.services.hive.client.HiveResourceMgr.connectionTest(HiveResourceMgr.java:48)
at org.apache.ranger.services.hive.RangerServiceHive.validateConfig(RangerServiceHive.java:57)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:574)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:561)
at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
2018-05-18 13:18:04,835 [timed-executor-pool-0] INFO org.apache.ranger.plugin.client.BaseClient (BaseClient.java:111) - Password decryption failed; trying connection with received password string
2018-05-18 13:18:04,835 [timed-executor-pool-0] INFO org.apache.ranger.plugin.client.BaseClient (BaseClient.java:126) - Init Login: security not enabled, using username
2018-05-18 13:18:04,835 [timed-executor-pool-0] INFO apache.ranger.services.hive.client.HiveClient (HiveClient.java:93) - Since Password is NOT provided, Trying to use UnSecure client with username and password
2018-05-18 13:18:04,839 [timed-executor-pool-0] ERROR org.apache.ranger.plugin.util.PasswordUtils (PasswordUtils.java:147) - Unable to decrypt password due to error
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:936)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:847)
at com.sun.crypto.provider.PBES1Core.doFinal(PBES1Core.java:416)
at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316)
at javax.crypto.Cipher.doFinal(Cipher.java:2164)
at org.apache.ranger.plugin.util.PasswordUtils.decrypt(PasswordUtils.java:132)
at org.apache.ranger.plugin.util.PasswordUtils.decryptPassword(PasswordUtils.java:120)
at org.apache.ranger.services.hive.client.HiveClient.initConnection(HiveClient.java:710)
at org.apache.ranger.services.hive.client.HiveClient.access$100(HiveClient.java:56)
at org.apache.ranger.services.hive.client.HiveClient$2.run(HiveClient.java:98)
at org.apache.ranger.services.hive.client.HiveClient$2.run(HiveClient.java:96)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.apache.ranger.services.hive.client.HiveClient.initHive(HiveClient.java:96)
at org.apache.ranger.services.hive.client.HiveClient.<init>(HiveClient.java:77)
at org.apache.ranger.services.hive.client.HiveClient.connectionTest(HiveClient.java:827)
at org.apache.ranger.services.hive.client.HiveResourceMgr.connectionTest(HiveResourceMgr.java:48)
at org.apache.ranger.services.hive.RangerServiceHive.validateConfig(RangerServiceHive.java:57)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:574)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:561)
at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
2018-05-18 13:18:04,839 [timed-executor-pool-0] INFO apache.ranger.services.hive.client.HiveClient (HiveClient.java:712) - Password decryption failed; trying Hive connection with received password string
2018-05-18 13:18:10,966 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveClient$3 (HiveClient.java:117) - <== HiveClient getDatabaseList() :Unable to get the Database List
org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:200)
at org.apache.ranger.services.hive.client.HiveClient.access$400(HiveClient.java:56)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:114)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:107)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:360)
at org.apache.ranger.services.hive.client.HiveClient.getDatabaseList(HiveClient.java:107)
at org.apache.ranger.services.hive.client.HiveClient.connectionTest(HiveClient.java:829)
at org.apache.ranger.services.hive.client.HiveResourceMgr.connectionTest(HiveResourceMgr.java:48)
at org.apache.ranger.services.hive.RangerServiceHive.validateConfig(RangerServiceHive.java:57)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:574)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:561)
at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:267)
at org.apache.hive.jdbc.Utils.verifySuccessWithInfo(Utils.java:253)
at org.apache.hive.jdbc.HiveStatement.runAsyncOnServer(HiveStatement.java:313)
at org.apache.hive.jdbc.HiveStatement.execute(HiveStatement.java:253)
at org.apache.hive.jdbc.HiveStatement.executeQuery(HiveStatement.java:476)
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:179)
... 16 more
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.service.cli.operation.Operation.toSQLException(Operation.java:380)
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:206)
at org.apache.hive.service.cli.operation.SQLOperation.runInternal(SQLOperation.java:290)
at org.apache.hive.service.cli.operation.Operation.run(Operation.java:320)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementInternal(HiveSessionImpl.java:530)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementAsync(HiveSessionImpl.java:517)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:78)
at org.apache.hive.service.cli.session.HiveSessionProxy.access$000(HiveSessionProxy.java:36)
at org.apache.hive.service.cli.session.HiveSessionProxy$1.run(HiveSessionProxy.java:63)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1698)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:59)
at com.sun.proxy.$Proxy31.executeStatementAsync(Unknown Source)
at org.apache.hive.service.cli.CLIService.executeStatementAsync(CLIService.java:310)
at org.apache.hive.service.cli.thrift.ThriftCLIService.ExecuteStatement(ThriftCLIService.java:530)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1437)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1422)
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
at org.apache.hive.service.auth.TSetIpAddressProcessor.process(TSetIpAddressProcessor.java:56)
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
... 3 more
Caused by: org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.checkPrivileges(RangerHiveAuthorizer.java:432)
at org.apache.hadoop.hive.ql.Driver.doAuthorizationV2(Driver.java:974)
at org.apache.hadoop.hive.ql.Driver.doAuthorization(Driver.java:761)
at org.apache.hadoop.hive.ql.Driver.compile(Driver.java:550)
at org.apache.hadoop.hive.ql.Driver.compileInternal(Driver.java:1317)
at org.apache.hadoop.hive.ql.Driver.compileAndRespond(Driver.java:1295)
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:204)
... 27 more
2018-05-18 13:18:10,999 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveResourceMgr (HiveResourceMgr.java:50) - <== HiveResourceMgr.connectionTest Error: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-18 13:18:10,999 [timed-executor-pool-0] ERROR org.apache.ranger.services.hive.RangerServiceHive (RangerServiceHive.java:59) - <== RangerServiceHive.validateConfig Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-18 13:18:10,999 [timed-executor-pool-0] ERROR org.apache.ranger.biz.ServiceMgr$TimedCallable (ServiceMgr.java:524) - TimedCallable.call: Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-18 13:18:11,000 [http-bio-6182-exec-56] ERROR org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:188) - ==> ServiceMgr.validateConfig Error:org.apache.ranger.plugin.client.HadoopException: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
2018-05-18 13:18:16,587 [http-bio-6182-exec-53] INFO org.apache.ranger.biz.XUserMgr (XUserMgr.java:2220) - User created: dvdsuauu
2018-05-18 13:18:16,620 [http-bio-6182-exec-53] INFO org.apache.ranger.biz.XUserMgr (XUserMgr.java:308) - Permission assigned to user: [dvdsuauu] For Module: [Resource Based Policies]
2018-05-18 13:18:16,632 [http-bio-6182-exec-53] INFO org.apache.ranger.biz.XUserMgr (XUserMgr.java:308) - Permission assigned to user: [dvdsuauu] For Module: [Reports]
2018-05-18 13:18:24,534 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:126) - Can't find keyTab Path : null
2018-05-18 13:18:24,534 [timed-executor-pool-0] WARN org.apache.hadoop.security.SecureClientLogin (SecureClientLogin.java:130) - Can't find principal : null
2018-05-18 13:18:24,535 [timed-executor-pool-0] INFO org.apache.ranger.plugin.client.BaseClient (BaseClient.java:126) - Init Login: security not enabled, using username
2018-05-18 13:18:24,535 [timed-executor-pool-0] INFO apache.ranger.services.hive.client.HiveClient (HiveClient.java:93) - Since Password is NOT provided, Trying to use UnSecure client with username and password
2018-05-18 13:18:24,847 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveClient$3 (HiveClient.java:117) - <== HiveClient getDatabaseList() :Unable to get the Database List
org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"].
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:200)
at org.apache.ranger.services.hive.client.HiveClient.access$400(HiveClient.java:56)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:114)
at org.apache.ranger.services.hive.client.HiveClient$3.run(HiveClient.java:107)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:360)
at org.apache.ranger.services.hive.client.HiveClient.getDatabaseList(HiveClient.java:107)
at org.apache.ranger.services.hive.client.HiveClient.connectionTest(HiveClient.java:829)
at org.apache.ranger.services.hive.client.HiveResourceMgr.connectionTest(HiveResourceMgr.java:48)
at org.apache.ranger.services.hive.RangerServiceHive.validateConfig(RangerServiceHive.java:57)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:574)
at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:561)
at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:522)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:267)
at org.apache.hive.jdbc.Utils.verifySuccessWithInfo(Utils.java:253)
at org.apache.hive.jdbc.HiveStatement.runAsyncOnServer(HiveStatement.java:313)
at org.apache.hive.jdbc.HiveStatement.execute(HiveStatement.java:253)
at org.apache.hive.jdbc.HiveStatement.executeQuery(HiveStatement.java:476)
at org.apache.ranger.services.hive.client.HiveClient.getDBList(HiveClient.java:179)
... 16 more
Caused by: org.apache.hive.service.cli.HiveSQLException: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.hive.service.cli.operation.Operation.toSQLException(Operation.java:380)
at org.apache.hive.service.cli.operation.SQLOperation.prepare(SQLOperation.java:206)
at org.apache.hive.service.cli.operation.SQLOperation.runInternal(SQLOperation.java:290)
at org.apache.hive.service.cli.operation.Operation.run(Operation.java:320)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementInternal(HiveSessionImpl.java:530)
at org.apache.hive.service.cli.session.HiveSessionImpl.executeStatementAsync(HiveSessionImpl.java:517)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:78)
at org.apache.hive.service.cli.session.HiveSessionProxy.access$000(HiveSessionProxy.java:36)
at org.apache.hive.service.cli.session.HiveSessionProxy$1.run(HiveSessionProxy.java:63)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1698)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:59)
at com.sun.proxy.$Proxy31.executeStatementAsync(Unknown Source)
at org.apache.hive.service.cli.CLIService.executeStatementAsync(CLIService.java:310)
at org.apache.hive.service.cli.thrift.ThriftCLIService.ExecuteStatement(ThriftCLIService.java:530)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1437)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$ExecuteStatement.getResult(TCLIService.java:1422)
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
at org.apache.hive.service.auth.TSetIpAddressProcessor.process(TSetIpAddressProcessor.java:56)
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
... 3 more
Caused by: org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException: Permission denied: user [dvdsuauu] does not have [USE] privilege on [*]
at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.checkPrivileges(RangerHiveAuthorizer.java:432)
In hiveserver2 logs i see:
which: no hbase in (/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/opt/aws/bin:/home/ec2-user/.local/bin:/home/ec2-user/bin) 2018-05-18 16:22:49: Starting HiveServer2 SLF4J: Class path contains multiple SLF4J bindings. SLF4J: Found binding in [jar:file:/usr/lib/apache-hive-2.3.2.5-bin/lib/log4j-slf4j-impl-2.6.2.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/home/ec2-user/spark_home/jars/slf4j-log4j12-1.7.16.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/usr/lib/hadoop-2.7.5/share/hadoop/common/lib/slf4j-log4j12-1.7.10.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFactory] 2018-05-18T16:22:52,820 INFO [main] session.SessionState: Created HDFS directory: /var/hive/scratch/tmp/ec2-user/789b83bc-145f-467d-8d6b-e2c065b9bfcf 2018-05-18T16:22:52,821 INFO [main] session.SessionState: Created local directory: /var/hive/ec2-user/789b83bc-145f-467d-8d6b-e2c065b9bfcf 2018-05-18T16:22:52,821 INFO [main] session.SessionState: Created HDFS directory: /var/hive/scratch/tmp/ec2-user/789b83bc-145f-467d-8d6b-e2c065b9bfcf/_tmp_space.db 2018-05-18T16:22:52,839 WARN [main] authorizer.RangerHiveAuthorizerBase: RangerHiveAuthorizerBase.RangerHiveAuthorizerBase(): hiveAuthenticator.getUserName() returned null/empty 2018-05-18T16:22:52,852 INFO [main] config.RangerConfiguration: addResourceIfReadable(ranger-hive-audit.xml): resource file is file:/usr/lib/apache-hive-2.3.2.5-bin/conf/ranger-hive-audit.xml 2018-05-18T16:22:52,852 INFO [main] config.RangerConfiguration: addResourceIfReadable(ranger-hive-security.xml): resource file is file:/usr/lib/apache-hive-2.3.2.5-bin/conf/ranger-hive-security.xml 2018-05-18T16:22:52,855 INFO [main] provider.AuditProviderFactory: AuditProviderFactory: creating.. 2018-05-18T16:22:52,866 INFO [main] provider.AuditProviderFactory: AuditProviderFactory: initializing.. 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.log4j.is.async=false 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.is.enabled=true 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs.dir=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.rest.client.connection.timeoutMs=120000 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.kafka.topic_name=ranger_audits 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.destination.directory=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd% 2018-05-18T16:22:52,900 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.solr.is.enabled=false 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.archive.max.file.count=10 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.jpa.javax.persistence.jdbc.user=rangerlogger 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.buffer.directory=__REPLACE__LOG_DIR/hive/audit/%app-type% 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.db.is.enabled=false 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.kafka.async.max.flush.interval.ms=1000 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.kafka.broker_list=localhost:9092 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.source.impl=org.apache.ranger.admin.client.RangerAdminRESTClient 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr=true 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.jpa.javax.persistence.jdbc.driver=com.mysql.jdbc.Driver 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.is.async=true 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.cache.dir=/etc/ranger/HIVE_RANGER_E2E/policycache 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.destination.open.retry.interval.seconds=60 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.solr.solr_url=http://localhost:6083/solr/ranger_audits 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.db.is.async=true 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr.batch.filespool.dir=/var/log/hive/audit/solr/spool 2018-05-18T16:22:52,901 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.jpa.javax.persistence.jdbc.url=jdbc:mysql://localhost:3306/ranger_audit 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.destination.file=%hostname%-audit.log 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.rest.ssl.config.file=/etc/hive/conf/ranger-policymgr-ssl.xml 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.buffer.file=%time:yyyyMMdd-HHmm.ss%.log 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.archive.directory=__REPLACE__LOG_DIR/hive/audit/archive/%app-type% 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.db.async.max.queue.size=10240 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.log4j.async.max.queue.size=10240 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.log4j.is.enabled=false 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.async.max.flush.interval.ms=30000 2018-05-18T16:22:52,902 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr.urls=https://myhosthere:6083/solr/ranger_audits 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.service.name=HIVE_RANGER_E2E 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.solr.async.max.flush.interval.ms=1000 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.rest.client.read.timeoutMs=30000 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.solr.async.max.queue.size=1 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.buffer.flush.interval.seconds=60 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.destination.flush.interval.seconds=900 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr.zookeepers=NONE 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.pollIntervalMs=30000 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs.config.fs.azure.account.keyprovider.__REPLACE_AZURE_ACCOUNT_NAME.blob.core.windows.net=__REPLACE_AZURE_ACCOUNT_KEY_PROVIDER 2018-05-18T16:22:52,903 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs.config.fs.azure.account.key.__REPLACE_AZURE_ACCOUNT_NAME.blob.core.windows.net=__REPLACE_AZURE_ACCOUNT_KEY 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.db.async.max.flush.interval.ms=30000 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr.user=NONE 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.kafka.async.max.queue.size=1 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.is.enabled=false 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.async.max.queue.size=1048576 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: ranger.plugin.hive.policy.rest.url=https://myhosthere:6182 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.buffer.file.buffer.size.bytes=8192 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.jpa.javax.persistence.jdbc.password=none 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.credential.provider.file=jceks://file/etc/ranger/hivedev/auditcred.jceks 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.db.batch.size=100 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs.config.fs.azure.shellkeyprovider.script=__REPLACE_AZURE_SHELL_KEY_PROVIDER 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs.batch.filespool.dir=/var/log/hive/audit/hdfs/spool 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.destination.rollover.interval.seconds=86400 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.kafka.is.enabled=false 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.log4j.async.max.flush.interval.ms=30000 2018-05-18T16:22:52,904 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.hive.update.xapolicies.on.grant.revoke=true 2018-05-18T16:22:52,905 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.hdfs=false 2018-05-18T16:22:52,905 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds=600 2018-05-18T16:22:52,905 INFO [main] provider.AuditProviderFactory: AUDIT PROPERTY: xasecure.audit.destination.solr.password=NONE 2018-05-18T16:22:52,905 INFO [main] provider.AuditProviderFactory: Audit destination xasecure.audit.destination.solr is set to true 2018-05-18T16:22:52,916 INFO [main] destination.AuditDestination: AuditDestination() enter 2018-05-18T16:22:52,916 INFO [main] destination.SolrAuditDestination: init() called 2018-05-18T16:22:52,916 INFO [main] provider.BaseAuditHandler: BaseAuditProvider.init() 2018-05-18T16:22:52,916 INFO [main] provider.BaseAuditHandler: propPrefix=xasecure.audit.destination.solr 2018-05-18T16:22:52,916 INFO [main] provider.BaseAuditHandler: Using providerName from property prefix. providerName=solr 2018-05-18T16:22:52,917 INFO [main] provider.BaseAuditHandler: providerName=solr 2018-05-18T16:22:52,917 INFO [main] destination.SolrAuditDestination: ==>SolrAuditDestination.init() 2018-05-18T16:22:52,917 INFO [main] destination.SolrAuditDestination: In solrAuditDestination.init() : JAAS Configuration set as [null] 2018-05-18T16:22:52,917 WARN [main] destination.SolrAuditDestination: No Client JAAS config present in solr audit config. Ranger Audit to Kerberized Solr will fail... 2018-05-18T16:22:52,917 INFO [main] destination.SolrAuditDestination: Loading SolrClient JAAS config from Ranger audit config if present... 2018-05-18T16:22:52,923 INFO [main] destination.SolrAuditDestination: In solrAuditDestination.init() (finally) : JAAS Configuration set as [null] 2018-05-18T16:22:52,923 INFO [main] destination.SolrAuditDestination: <==SolrAuditDestination.init() 2018-05-18T16:22:52,923 INFO [main] destination.SolrAuditDestination: Solr zkHosts=null, solrURLs=https://myhosthere:6083/solr/ranger_audits, collectionName=ranger_audits 2018-05-18T16:22:52,923 INFO [main] destination.SolrAuditDestination: Connecting to Solr using URLs=[https://myhosthere:6083/solr/ranger_audits] 2018-05-18T16:22:52,965 INFO [main] provider.AuditProviderFactory: xasecure.audit.destination.solr.queue is not set. Setting queue to batch for solr 2018-05-18T16:22:52,965 INFO [main] provider.AuditProviderFactory: queue for solr is batch 2018-05-18T16:22:52,969 INFO [main] queue.AuditQueue: BaseAuditProvider.init() 2018-05-18T16:22:52,969 INFO [main] provider.BaseAuditHandler: BaseAuditProvider.init() 2018-05-18T16:22:52,969 INFO [main] provider.BaseAuditHandler: propPrefix=xasecure.audit.destination.solr.batch 2018-05-18T16:22:52,969 INFO [main] provider.BaseAuditHandler: providerName=batch 2018-05-18T16:22:52,970 INFO [main] queue.AuditQueue: File spool is enabled for batch, logFolderProp=/var/log/hive/audit/solr/spool, xasecure.audit.destination.solr.batch.filespool.dir=false 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: retryDestinationMS=30000, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: fileRolloverSec=86400, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: maxArchiveFiles=100, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: logFolder=/var/log/hive/audit/solr/spool, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: logFileNameFormat=spool_%app-type%_%time:yyyyMMdd-HHmm.ss%.log, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: archiveFolder=/var/log/hive/audit/solr/spool/archive, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: indexFile=/var/log/hive/audit/solr/spool/index_batch_batch.solr_hiveServer2.json, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: indexDoneFile=/var/log/hive/audit/solr/spool/index_batch_batch.solr_hiveServer2_closed.json, queueName=batch 2018-05-18T16:22:52,974 INFO [main] queue.AuditFileSpool: Loading index file. fileName=/var/log/hive/audit/solr/spool/index_batch_batch.solr_hiveServer2.json 2018-05-18T16:22:52,975 INFO [main] queue.AuditFileSpool: INDEX printIndex() ==== START 2018-05-18T16:22:52,975 INFO [main] queue.AuditFileSpool: INDEX printIndex() ==== END 2018-05-18T16:22:52,975 INFO [main] provider.AuditProviderFactory: Using v3 audit configuration 2018-05-18T16:22:52,975 INFO [main] provider.AuditProviderFactory: AuditSummaryQueue is disabled 2018-05-18T16:22:52,977 INFO [main] queue.AuditQueue: BaseAuditProvider.init() 2018-05-18T16:22:52,977 INFO [main] provider.BaseAuditHandler: BaseAuditProvider.init() 2018-05-18T16:22:52,977 INFO [main] provider.BaseAuditHandler: propPrefix=xasecure.audit.provider.async 2018-05-18T16:22:52,977 INFO [main] provider.BaseAuditHandler: providerName=async 2018-05-18T16:22:52,977 INFO [main] queue.AuditQueue: File spool is disabled for async 2018-05-18T16:22:52,978 INFO [main] provider.AuditProviderFactory: Starting audit queue hiveServer2.async 2018-05-18T16:22:52,978 INFO [main] queue.AuditBatchQueue: Creating ArrayBlockingQueue with maxSize=1048576 2018-05-18T16:22:52,979 INFO [main] queue.AuditFileSpool: Starting writerThread, queueName=hiveServer2.async.batch, consumer=hiveServer2.async.batch.solr 2018-05-18T16:22:52,980 INFO [Ranger async Audit cleanup] provider.AuditProviderFactory: RangerAsyncAuditCleanup: Waiting to audit cleanup start signal 2018-05-18T16:22:52,980 INFO [main] service.RangerBasePlugin: PolicyEngineOptions: { evaluatorType: auto, cacheAuditResult: false, disableContextEnrichers: false, disableCustomConditions: false, disableTrieLookupPrefilter: false } 2018-05-18T16:22:53,027 ERROR [main] utils.RangerCredentialProvider: Unable to get the Credential Provider from the Configuration java.lang.IllegalArgumentException: The value of property hadoop.security.credential.provider.path must not be null at com.google.common.base.Preconditions.checkArgument(Preconditions.java:92) ~[guava-14.0.1.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1134) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1115) ~[hadoop-common-2.7.3.jar:?] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialProviders(RangerCredentialProvider.java:68) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialString(RangerCredentialProvider.java:46) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getCredential(RangerRESTClient.java:382) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getKeyManagers(RangerRESTClient.java:268) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:188) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.startRefresher(PolicyRefresher.java:149) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:150) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHivePlugin.init(RangerHiveAuthorizer.java:1705) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.<init>(RangerHiveAuthorizer.java:119) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory.createHiveAuthorizer(RangerHiveAuthorizerFactory.java:37) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.hadoop.hive.ql.session.SessionState.setupAuth(SessionState.java:875) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hadoop.hive.ql.session.SessionState.applyAuthorizationPolicy(SessionState.java:1683) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.applyAuthorizationConfigPolicy(CLIService.java:130) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.init(CLIService.java:114) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.CompositeService.init(CompositeService.java:59) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.init(HiveServer2.java:142) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.startHiveServer2(HiveServer2.java:607) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.access$700(HiveServer2.java:100) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2$StartOptionExecutor.execute(HiveServer2.java:855) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.main(HiveServer2.java:724) ~[hive-service-2.3.2.jar:2.3.2] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_171] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_171] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_171] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171] at org.apache.hadoop.util.RunJar.run(RunJar.java:221) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.util.RunJar.main(RunJar.java:136) ~[hadoop-common-2.7.3.jar:?] 2018-05-18T16:22:53,027 ERROR [main] utils.RangerCredentialProvider: Unable to get the Credential Provider from the Configuration java.lang.IllegalArgumentException: The value of property hadoop.security.credential.provider.path must not be null at com.google.common.base.Preconditions.checkArgument(Preconditions.java:92) ~[guava-14.0.1.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1134) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1115) ~[hadoop-common-2.7.3.jar:?] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialProviders(RangerCredentialProvider.java:68) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialString(RangerCredentialProvider.java:46) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getCredential(RangerRESTClient.java:382) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getTrustManagers(RangerRESTClient.java:319) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:189) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.startRefresher(PolicyRefresher.java:149) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:150) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHivePlugin.init(RangerHiveAuthorizer.java:1705) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.<init>(RangerHiveAuthorizer.java:119) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory.createHiveAuthorizer(RangerHiveAuthorizerFactory.java:37) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.hadoop.hive.ql.session.SessionState.setupAuth(SessionState.java:875) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hadoop.hive.ql.session.SessionState.applyAuthorizationPolicy(SessionState.java:1683) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.applyAuthorizationConfigPolicy(CLIService.java:130) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.init(CLIService.java:114) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.CompositeService.init(CompositeService.java:59) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.init(HiveServer2.java:142) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.startHiveServer2(HiveServer2.java:607) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.access$700(HiveServer2.java:100) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2$StartOptionExecutor.execute(HiveServer2.java:855) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.main(HiveServer2.java:724) ~[hive-service-2.3.2.jar:2.3.2] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_171] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_171] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_171] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171] at org.apache.hadoop.util.RunJar.run(RunJar.java:221) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.util.RunJar.main(RunJar.java:136) ~[hadoop-common-2.7.3.jar:?] 2018-05-18T16:22:53,028 ERROR [main] util.PolicyRefresher: PolicyRefresher(serviceName=HIVE_RANGER_E2E): failed to refresh policies. Will continue to use last known version of policies (-1) java.lang.IllegalArgumentException: TrustManager is not specified at org.apache.commons.lang.Validate.notNull(Validate.java:192) ~[commons-lang-2.6.jar:2.6] at org.apache.ranger.plugin.util.RangerRESTClient.getSSLContext(RangerRESTClient.java:365) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:190) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.startRefresher(PolicyRefresher.java:149) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:150) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHivePlugin.init(RangerHiveAuthorizer.java:1705) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizer.<init>(RangerHiveAuthorizer.java:119) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory.createHiveAuthorizer(RangerHiveAuthorizerFactory.java:37) ~[ranger-hive-plugin-1.0.0.jar:1.0.0] at org.apache.hadoop.hive.ql.session.SessionState.setupAuth(SessionState.java:875) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hadoop.hive.ql.session.SessionState.applyAuthorizationPolicy(SessionState.java:1683) ~[hive-exec-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.applyAuthorizationConfigPolicy(CLIService.java:130) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.cli.CLIService.init(CLIService.java:114) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.CompositeService.init(CompositeService.java:59) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.init(HiveServer2.java:142) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.startHiveServer2(HiveServer2.java:607) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.access$700(HiveServer2.java:100) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2$StartOptionExecutor.execute(HiveServer2.java:855) ~[hive-service-2.3.2.jar:2.3.2] at org.apache.hive.service.server.HiveServer2.main(HiveServer2.java:724) ~[hive-service-2.3.2.jar:2.3.2] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_171] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_171] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_171] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_171] at org.apache.hadoop.util.RunJar.run(RunJar.java:221) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.util.RunJar.main(RunJar.java:136) ~[hadoop-common-2.7.3.jar:?] 2018-05-18T16:22:53,028 WARN [main] util.PolicyRefresher: cache file does not exist or not readable '/etc/ranger/HIVE_RANGER_E2E/policycache/hiveServer2_HIVE_RANGER_E2E.json' 2018-05-18T16:22:53,079 INFO [main] service.RangerBasePlugin: Policies will NOT be reordered based on number of evaluations 2018-05-18T16:22:53,080 ERROR [Thread-6] utils.RangerCredentialProvider: Unable to get the Credential Provider from the Configuration java.lang.IllegalArgumentException: The value of property hadoop.security.credential.provider.path must not be null at com.google.common.base.Preconditions.checkArgument(Preconditions.java:92) ~[guava-14.0.1.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1134) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1115) ~[hadoop-common-2.7.3.jar:?] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialProviders(RangerCredentialProvider.java:68) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialString(RangerCredentialProvider.java:46) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getCredential(RangerRESTClient.java:382) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getKeyManagers(RangerRESTClient.java:268) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:188) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:171) ~[ranger-plugins-common-1.0.0.jar:1.0.0] 2018-05-18T16:22:53,080 ERROR [Thread-6] utils.RangerCredentialProvider: Unable to get the Credential Provider from the Configuration java.lang.IllegalArgumentException: The value of property hadoop.security.credential.provider.path must not be null at com.google.common.base.Preconditions.checkArgument(Preconditions.java:92) ~[guava-14.0.1.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1134) ~[hadoop-common-2.7.3.jar:?] at org.apache.hadoop.conf.Configuration.set(Configuration.java:1115) ~[hadoop-common-2.7.3.jar:?] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialProviders(RangerCredentialProvider.java:68) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider.getCredentialString(RangerCredentialProvider.java:46) ~[ranger-plugins-cred-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getCredential(RangerRESTClient.java:382) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getTrustManagers(RangerRESTClient.java:319) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:189) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:171) ~[ranger-plugins-common-1.0.0.jar:1.0.0] 2018-05-18T16:22:53,080 ERROR [Thread-6] util.PolicyRefresher: PolicyRefresher(serviceName=HIVE_RANGER_E2E): failed to refresh policies. Will continue to use last known version of policies (-1) java.lang.IllegalArgumentException: TrustManager is not specified at org.apache.commons.lang.Validate.notNull(Validate.java:192) ~[commons-lang-2.6.jar:2.6] at org.apache.ranger.plugin.util.RangerRESTClient.getSSLContext(RangerRESTClient.java:365) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:190) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getClient(RangerRESTClient.java:176) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.RangerRESTClient.getResource(RangerRESTClient.java:156) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.createWebResource(RangerAdminRESTClient.java:275) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:126) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) ~[ranger-plugins-common-1.0.0.jar:1.0.0] at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:171) ~[ranger-plugins-common-1.0.0.jar:1.0.0] 2018-05-18T16:22:53,080 WARN [Thread-6] util.PolicyRefresher: cache file does not exist or not readable '/etc/ranger/HIVE_RANGER_E2E/policycache/hiveServer2_HIVE_RANGER_E2E.json' 2018-05-18T16:22:53,081 WARN [main] session.SessionState: METASTORE_FILTER_HOOK will be ignored, since hive.security.authorization.manager is set to instance of HiveAuthorizerFactory. 2018-05-18T16:22:53,449 INFO [main] hive.metastore: Trying to connect to metastore with URI thrift://localhost:9083 2018-05-18T16:22:53,471 INFO [main] hive.metastore: Opened a connection to metastore, current connections: 1 2018-05-18T16:22:53,482 INFO [main] hive.metastore: Connected to metastore. 2018-05-18T16:22:53,655 INFO [main] service.CompositeService: Operation log root directory is created: /var/hive/hs2log/tmp 2018-05-18T16:22:53,660 INFO [main] service.CompositeService: HiveServer2: Background operation thread pool size: 100 2018-05-18T16:22:53,660 INFO [main] service.CompositeService: HiveServer2: Background operation thread wait queue size: 100 2018-05-18T16:22:53,660 INFO [main] service.CompositeService: HiveServer2: Background operation thread keepalive time: 10 seconds 2018-05-18T16:22:53,690 WARN [main] authorizer.RangerHiveAuthorizer: filterListCmdObjects: user information not available 2018-05-18T16:22:53,825 INFO [main] server.Server: jetty-7.6.0.v20120127 2018-05-18T16:22:53,884 WARN [main] webapp.WebInfConfiguration: Can't reuse /tmp/jetty-0.0.0.0-10002-hiveserver2-_-any-, using /tmp/jetty-0.0.0.0-10002-hiveserver2-_-any-_6937658403338723795 2018-05-18T16:22:53,885 INFO [main] webapp.WebInfConfiguration: Extract jar:file:/usr/lib/apache-hive-2.3.2.5-bin/lib/hive-service-2.3.2.jar!/hive-webapps/hiveserver2/ to /tmp/jetty-0.0.0.0-10002-hiveserver2-_-any-_6937658403338723795/webapp 2018-05-18T16:22:54,040 INFO [main] handler.ContextHandler: started o.e.j.w.WebAppContext{/,file:/tmp/jetty-0.0.0.0-10002-hiveserver2-_-any-_6937658403338723795/webapp/},jar:file:/usr/lib/apache-hive-2.3.2.5-bin/lib/hive-service-2.3.2.jar!/hive-webapps/hiveserver2 2018-05-18T16:22:54,115 INFO [main] handler.ContextHandler: started o.e.j.s.ServletContextHandler{/static,jar:file:/usr/lib/apache-hive-2.3.2.5-bin/lib/hive-service-2.3.2.jar!/hive-webapps/static} 2018-05-18T16:22:54,134 INFO [main] server.AbstractConnector: Started SelectChannelConnector@0.0.0.0:10002 2018-05-18T16:22:54,136 INFO [main] http.HttpServer: Started HttpServer[hiveserver2] on port 10002 2018-05-18T16:22:54,141 INFO [Thread-8] auth.HiveAuthUtils: SSL Server Socket Enabled Protocols: [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2] 2018-05-18T16:22:54,144 INFO [main] session.SparkSessionManagerImpl: Setting up the session manager. 2018-05-18T16:22:54,146 INFO [Thread-8] thrift.ThriftCLIService: Starting ThriftBinaryCLIService on port 10000 with 5...500 worker threads 2018-05-18T16:22:54,482 INFO [main] spark.HiveSparkClientFactory: load HBase configuration (hbase.master.hfilecleaner.plugins -> org.apache.hadoop.hbase.master.cleaner.TimeToLiveHFileCleaner).
Created 05-20-2018 12:30 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In the plugins tab on the UI it has "No plugin found!"
