[
https://issues.apache.org/jira/browse/IMPALA-13723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Quanlong Huang resolved IMPALA-13723.
-------------------------------------
Fix Version/s: Not Applicable
Resolution: Fixed
This is resolved by RANGER-5115.
> test_num_check_authorization_threads_with_ranger is flaky in new Ranger
> versions
> --------------------------------------------------------------------------------
>
> Key: IMPALA-13723
> URL: https://issues.apache.org/jira/browse/IMPALA-13723
> Project: IMPALA
> Issue Type: Bug
> Components: Frontend
> Reporter: Quanlong Huang
> Assignee: Quanlong Huang
> Priority: Critical
> Fix For: Not Applicable
>
>
> The test failed in running "show databases":
> {code:python}
> authorization/test_authorization.py:189: in
> test_num_check_authorization_threads_with_ranger
> self._test_ranger_show_stmts_helper(unique_name, PRIVILEGES)
> authorization/test_authorization.py:138: in _test_ranger_show_stmts_helper
> result = self.client.execute("show databases")
> common/impala_connection.py:218: in execute
> return self.__beeswax_client.execute(sql_stmt, user=user)
> beeswax/impala_beeswax.py:191: in execute
> handle = self.__execute_query(query_string.strip(), user=user)
> beeswax/impala_beeswax.py:367: in __execute_query
> handle = self.execute_query_async(query_string, user=user)
> beeswax/impala_beeswax.py:361: in execute_query_async
> handle = self.__do_rpc(lambda: self.imp_service.query(query,))
> beeswax/impala_beeswax.py:524: in __do_rpc
> raise ImpalaBeeswaxException(self.__build_error_message(b), b)
> E ImpalaBeeswaxException: ImpalaBeeswaxException:
> E INNER EXCEPTION: <class 'beeswaxd.ttypes.BeeswaxException'>
> E MESSAGE: InternalException: Failed to check access.Check the server log
> for more details.{code}
> Checking the coordinator logs, there is a ConcurrentModificationException:
> {noformat}
> E0125 19:33:42.241096 30632 Frontend.java:1168]
> 674058b5fff33c39:a2a9b55b00000000] Encountered an error checking access
> Java exception follows:
> java.util.concurrent.ExecutionException:
> java.util.ConcurrentModificationException
> at java.util.concurrent.FutureTask.report(FutureTask.java:122)
> at java.util.concurrent.FutureTask.get(FutureTask.java:192)
> at
> org.apache.impala.service.Frontend.filterUnaccessibleElements(Frontend.java:1164)
> at org.apache.impala.service.Frontend.getDbs(Frontend.java:1345)
> at org.apache.impala.service.JniFrontend.getDbs(JniFrontend.java:327)
> Caused by: java.util.ConcurrentModificationException
> at java.util.ArrayList$Itr.checkForComodification(ArrayList.java:911)
> at java.util.ArrayList$Itr.next(ArrayList.java:861)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getAccess(RangerDefaultPolicyEvaluator.java:1213)
> at
> org.apache.ranger.plugin.policyevaluator.RangerAbstractPolicyItemEvaluator.computeWithImpliedGrants(RangerAbstractPolicyItemEvaluator.java:138)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyItemEvaluator.isMatch(RangerDefaultPolicyItemEvaluator.java:96)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1413)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItemForAccessPolicyForSpecificAccess(RangerDefaultPolicyEvaluator.java:1392)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1370)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluatePolicyItems(RangerDefaultPolicyEvaluator.java:860)
> at
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluate(RangerDefaultPolicyEvaluator.java:256)
> at
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesForOneAccessTypeNoAudit(RangerPolicyEngineImpl.java:778)
> at
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesNoAudit(RangerPolicyEngineImpl.java:704)
> at
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.zoneAwareAccessEvaluationWithNoAudit(RangerPolicyEngineImpl.java:628)
> at
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePolicies(RangerPolicyEngineImpl.java:136)
> at
> org.apache.ranger.plugin.service.RangerBasePlugin.isAccessAllowed(RangerBasePlugin.java:513)
> at
> org.apache.impala.authorization.ranger.RangerAuthorizationChecker.authorizeResource(RangerAuthorizationChecker.java:685)
> at
> org.apache.impala.authorization.ranger.RangerAuthorizationChecker.authorizeResource(RangerAuthorizationChecker.java:174)
> at
> org.apache.impala.authorization.BaseAuthorizationChecker.hasAccess(BaseAuthorizationChecker.java:86)
> at
> org.apache.impala.authorization.BaseAuthorizationChecker.hasAccess(BaseAuthorizationChecker.java:71)
> at
> org.apache.impala.authorization.BaseAuthorizationChecker.hasAnyAccess(BaseAuthorizationChecker.java:96)
> at
> org.apache.impala.service.Frontend.isAccessibleToUser(Frontend.java:1417)
> at org.apache.impala.service.Frontend.access$200(Frontend.java:233)
> at
> org.apache.impala.service.Frontend$CheckAuthorization.call(Frontend.java:1129)
> at
> org.apache.impala.service.Frontend$CheckAuthorization.call(Frontend.java:1111)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> I0125 19:33:42.241312 30632 jni-util.cc:288]
> 674058b5fff33c39:a2a9b55b00000000]
> org.apache.impala.common.InternalException: Failed to check access.Check the
> server log for more details.
> at
> org.apache.impala.service.Frontend.filterUnaccessibleElements(Frontend.java:1174)
> at org.apache.impala.service.Frontend.getDbs(Frontend.java:1345)
> at
> org.apache.impala.service.JniFrontend.getDbs(JniFrontend.java:327){noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
