thanks,thejas.nair. it's work. 2016-05-04 15:40 GMT+08:00 Thejas Nair <thejas.n...@gmail.com>:
> The property should be named hadoop.proxyuser.dcos.groups and > hadoop.proxyuser.dcos.groups if you are running HS2 as user dcos. > Also, user dcos should belong to the group dcos if that setting is to > work. I assume you are trying to have hive.server2.enable.doAs=true. > > I am not sure why you are seeing different behavior with hive 1.2.1 . > > On Wed, May 4, 2016 at 12:27 AM, kevin <kiss.kevin...@gmail.com> wrote: > > I found hadoop info is :2016-05-04 13:49:33,785 INFO > > org.apache.hadoop.ipc.Server: Socket Reader #1 for port 9000: > > readAndProcess from client 10.1.3.120 threw exception > > [org.apache.hadoop.security.authorize.AuthorizationException: User: dcos > is > > not allowed to impersonate dcos] > > > > and when I trun to hive1.2.1 the problem is gone. is hive2 not match > > hadoop2.7.1? > > > > 2016-05-04 11:29 GMT+08:00 kevin <kiss.kevin...@gmail.com>: > > > >> hi all; > >> I use hive-2.0.0 with hadoop2.7.1 when I connect to the hiveserver2 I > got > >> msg : Failed to open new session: java.lang.RuntimeException: > >> > org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): > >> User: dcos is not allowed to impersonate dcos > >> > >> dcos is the user i use start hiverserver2. > >> > >> also I try to config hadoop core-site.xml whih : but not help > >> > >> <property> > >> <name>hadoop.proxyuser.hadoop.groups</name> > >> <value>dcos</value> > >> <description>Allow the superuser oozie to impersonate any members > of > >> the group group1 and group2</description> > >> </property> > >> > >> <property> > >> <name>hadoop.proxyuser.hadoop.hosts</name> > >> <value>localhost</value> > >> <description>The superuser can connect only from host1 and host2 > to > >> impersonate a user</description> > >> </property> > >> > >> > >> >
