[
https://issues.apache.org/jira/browse/HIVE-23296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17092254#comment-17092254
]
Eugene Chung commented on HIVE-23296:
-------------------------------------
The result of some tests are strange; there's ClassNotFoundException. I think
the test itself had some problems.
{code:java}
java.lang.RuntimeException: org.apache.hadoop.hive.ql.metadata.HiveException:
java.lang.ClassNotFoundException:
org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest
at
org.apache.hadoop.hive.ql.session.SessionState.setupAuth(SessionState.java:951)
at
org.apache.hadoop.hive.ql.session.SessionState.getAuthenticator(SessionState.java:1696)
at
org.apache.hadoop.hive.ql.session.SessionState.getUserFromAuthenticator(SessionState.java:1306)
at
org.apache.hadoop.hive.ql.session.SessionState.getUser(SessionState.java:1291)
at org.apache.hadoop.hive.ql.QueryPlan.makeQueryId(QueryPlan.java:204)
at
org.apache.hadoop.hive.ql.QueryState$Builder.build(QueryState.java:265)
at
org.apache.hive.service.cli.operation.Operation.<init>(Operation.java:107)
at
org.apache.hive.service.cli.operation.Operation.<init>(Operation.java:87)
at
org.apache.hive.service.cli.operation.MetadataOperation.<init>(MetadataOperation.java:48)
at
org.apache.hive.service.cli.session.TestSessionManagerMetrics$BlockingOperation.<init>(TestSessionManagerMetrics.java:123)
at
org.apache.hive.service.cli.session.TestSessionManagerMetrics.testActiveSessionMetrics(TestSessionManagerMetrics.java:277)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at
org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
at
org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
at
org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
at
org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
at
org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
at
org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:379)
at
org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:340)
at
org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:125)
at
org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:413)
Caused by: org.apache.hadoop.hive.ql.metadata.HiveException:
java.lang.ClassNotFoundException:
org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest
at
org.apache.hadoop.hive.ql.metadata.HiveUtils.getAuthorizeProviderManager(HiveUtils.java:366)
at
org.apache.hadoop.hive.ql.session.SessionState.setupAuth(SessionState.java:927)
... 36 more
Caused by: java.lang.ClassNotFoundException:
org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactoryForTest
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
at
org.apache.hadoop.hive.ql.metadata.HiveUtils.getAuthorizeProviderManager(HiveUtils.java:356)
... 37 more
{code}
> Setting Tez caller ID with the actual Hive user
> -----------------------------------------------
>
> Key: HIVE-23296
> URL: https://issues.apache.org/jira/browse/HIVE-23296
> Project: Hive
> Issue Type: Improvement
> Components: Tez
> Reporter: Eugene Chung
> Assignee: Eugene Chung
> Priority: Major
> Attachments: HIVE-23296.01.patch, Screen Shot 2020-04-24 at
> 17.20.34.png
>
>
> On the kerberized Hadoop environment, a submitter of an YARN job is the name
> part of the Hive server principal. A caller ID of the job is made of the OS
> user of the Hive server process.
> The view and modify ACLs of the Hive server for all Tez tasks are set by
> org.apache.hadoop.hive.ql.exec.tez.TezTask#setAccessControlsForCurrentUser()
> so that the admin who has the Hive server principal can see all tasks from
> tez-ui. But the admin hardly knows who executed each query.
> I suggest to change the caller ID to include the actual Hive user. If the
> user is not known, the OS user of the Hive server process is included as is.
> The attached picture shows that 'Caller ID' includes 'user1' which is the
> Kerberos user name of the actual Hive user.
> !Screen Shot 2020-04-24 at 17.20.34.png|width=683,height=29!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
