[
https://issues.apache.org/jira/browse/HIVE-6907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13969337#comment-13969337
]
Navis commented on HIVE-6907:
-----------------------------
I remember in that case (no proxy user), unix ugi who started CLI or hiveserver
would be used.
Below is some part of patch fixing similar issue in our product version
(HiveMetaStoreClient).
{noformat}
+ SessionBase session = SessionBase.get();
// Call set_ugi, only in unsecure mode.
try {
- UserGroupInformation ugi = shim.getUGIForConf(conf);
+ UserGroupInformation ugi;
+ if (session != null) {
+ ugi = shim.createRemoteUser(session.getUserName(),
session.getGroupNames());
+ } else {
+ ugi = shim.getUGIForConf(conf);
+ }
{noformat}
> HiveServer2 - wrong user gets used for metastore operation with embedded
> metastore
> ----------------------------------------------------------------------------------
>
> Key: HIVE-6907
> URL: https://issues.apache.org/jira/browse/HIVE-6907
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Affects Versions: 0.13.0
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Blocker
> Fix For: 0.13.0
>
> Attachments: HIVE-6907.1.patch, HIVE-6907.2.patch, HIVE-6907.3.patch
>
>
> When queries are being run concurrently against HS2, sometimes the wrong user
> ends performing the metastore action and you get an error like -
> {code}
> ..INFO|java.sql.SQLException: Error while processing statement: FAILED:
> Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask.
> MetaException(message:java.security.AccessControlException: action WRITE not
> permitted on path hdfs://example.net:8020/apps/hive/warehouse/tbl_4eeulg9zp4
> for user hrt_qa)
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
