Hue - Hive Issue: User hitting 'org.apache.hadoop.security.AccessControlException'
Diagnostics:
ERROR that is thrown in Hue UI:
Since the issue is related to Hue - Hive editor, try to connect HiveServer2 from beeline.
This was also not successful.
ERROR observed in beeline:
java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 65d91fd0-8bf4-4901-926b-11efd107725a'.
Since the issue is related to Hue - Hive editor, try to connect HiveServer2 from beeline.
This was also not successful.
Error: Could not open client transport with JDBC Uri: jdbc:hive2://<HS2_HOSTNAME>:10000/default: Failed to open new session: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a (state=08S01,code=0)
java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://<HS2_HOSTNAME>:10000/default: Failed to open new session: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:210)
at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:107)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:208)
at org.apache.hive.beeline.DatabaseConnection.connect(DatabaseConnection.java:145)
at org.apache.hive.beeline.DatabaseConnection.getConnection(DatabaseConnection.java:209)
at org.apache.hive.beeline.Commands.connect(Commands.java:1469)
at org.apache.hive.beeline.Commands.connect(Commands.java:1364)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hive.beeline.ReflectiveCommandHandler.execute(ReflectiveCommandHandler.java:52)
at org.apache.hive.beeline.BeeLine.execCommandWithPrefix(BeeLine.java:1104)
at org.apache.hive.beeline.BeeLine.dispatch(BeeLine.java:1143)
at org.apache.hive.beeline.BeeLine.execute(BeeLine.java:976)
at org.apache.hive.beeline.BeeLine.begin(BeeLine.java:886)
at org.apache.hive.beeline.BeeLine.mainWithInputRedirection(BeeLine.java:502)
at org.apache.hive.beeline.BeeLine.main(BeeLine.java:485)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hadoop.util.RunJar.run(RunJar.java:221)
at org.apache.hadoop.util.RunJar.main(RunJar.java:136)
Caused by: org.apache.hive.service.cli.HiveSQLException: Failed to open new session: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:267)
at org.apache.hive.jdbc.Utils.verifySuccess(Utils.java:258)
at org.apache.hive.jdbc.HiveConnection.openSession(HiveConnection.java:583)
at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:187)
... 24 more
Caused by: org.apache.hive.service.cli.HiveSQLException: Failed to open new session: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at org.apache.hive.service.cli.session.SessionManager.createSession(SessionManager.java:328)
at org.apache.hive.service.cli.session.SessionManager.openSession(SessionManager.java:271)
at org.apache.hive.service.cli.CLIService.openSessionWithImpersonation(CLIService.java:189)
at org.apache.hive.service.cli.thrift.ThriftCLIService.getSessionHandle(ThriftCLIService.java:423)
at org.apache.hive.service.cli.thrift.ThriftCLIService.OpenSession(ThriftCLIService.java:312)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$OpenSession.getResult(TCLIService.java:1377)
at org.apache.hive.service.rpc.thrift.TCLIService$Processor$OpenSession.getResult(TCLIService.java:1362)
at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
at org.apache.hive.service.auth.TSetIpAddressProcessor.process(TSetIpAddressProcessor.java:56)
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:89)
at org.apache.hive.service.cli.session.HiveSessionProxy.access$000(HiveSessionProxy.java:36)
at org.apache.hive.service.cli.session.HiveSessionProxy$1.run(HiveSessionProxy.java:63)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1595)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:59)
at com.sun.proxy.$Proxy25.open(Unknown Source)
at org.apache.hive.service.cli.session.SessionManager.createSession(SessionManager.java:319)
... 13 more
Caused by: java.lang.RuntimeException: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at org.apache.hadoop.hive.ql.session.SessionState.start(SessionState.java:591)
at org.apache.hadoop.hive.ql.session.SessionState.start(SessionState.java:526)
at org.apache.hive.service.cli.session.HiveSessionImpl.open(HiveSessionImpl.java:168)
at sun.reflect.GeneratedMethodAccessor113.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.hive.service.cli.session.HiveSessionProxy.invoke(HiveSessionProxy.java:78)
... 21 more
Caused by: org.apache.hadoop.security.AccessControlException: User USERONE(user id USERONE-ID) has been denied access to create 7ed6cddc-0606-49ca-81a6-06901e7efc9a
at com.mapr.fs.MapRFileSystem.makeDir(MapRFileSystem.java:1256)
at com.mapr.fs.MapRFileSystem.mkdirs(MapRFileSystem.java:1276)
at org.apache.hadoop.hive.ql.session.SessionState.createPath(SessionState.java:735)
at org.apache.hadoop.hive.ql.session.SessionState.createSessionDirs(SessionState.java:658)
at org.apache.hadoop.hive.ql.session.SessionState.start(SessionState.java:563)
... 27 more
Root Cause:
From "at org.apache.hadoop.hive.ql.session.SessionState.createSessionDirs(SessionState.java:658)", it looked like there is some issue with the Hive scratch directory.
From 'org/apache/hadoop/hive/conf/HiveConf.java',
On checking the scratch directory for this user,
The directory user and group ownership were wrong.
hdfsSessionPath = new Path(hdfsScratchDirURIString, sessionId); createPath(conf, hdfsSessionPath, scratchDirPermission, false, true);
From 'org/apache/hadoop/hive/conf/HiveConf.java',
SCRATCHDIR("hive.exec.scratchdir", "/user/" + System.getProperty("user.name") + "/tmp/hive/",
"HDFS root scratch dir for Hive jobs which gets created with write all (777) permission. " +
"For each connecting user, an HDFS scratch dir: ${hive.exec.scratchdir}/<username> is created, " +
"with ${hive.scratch.dir.permission}."),
On checking the scratch directory for this user,
drwxr-xr-x - <WRONG_USER> <WRONG_USER_GROUP> 0 2018-01-06 15:49 /user/mapr/tmp/hive/USERONE
The directory user and group ownership were wrong.
Solution:
Provide correct user and group ownership to the directory.
(Simple way is to delete the scracth directory. Hive will automatically create it when the next operation comes in from the user.)
(Simple way is to delete the scracth directory. Hive will automatically create it when the next operation comes in from the user.)
Thank you.Well it was nice post and very helpful information on
ReplyDeleteBig data hadoop online training Hyderabad
perde modelleri
ReplyDeletesms onay
mobil ödeme bozdurma
nft nasıl alınır
ankara evden eve nakliyat
trafik sigortası
dedektor
web sitesi kurma
ask romanlari