[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1411-1.jpg > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1141-2-0.6.3.jpg > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1411-0.6.3.patch > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1411-0.7.0.patch > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Description: 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions table header is Permissions,Groups,Users,Action. But the first column in the table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So the table header should be Modules,Groups,Users,Action. 2.Web UI's Settings Permissions tab, click action to edit permission, and the page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit permission,so 'Permission Details' or 'Module Permission Details' may be more reasonable. > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1141-2-0.7.0.jpg > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu resolved RANGER-1411. --- Resolution: Fixed > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Summary: Permissions tab pages display are not reasonable (was: Permissions tab pages display is not reasonable) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Affects Version/s: (was: 1.0.0) (was: 0.7.0) > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1411-1.jpg > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display is not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1411-1.jpg) > Permissions tab pages display is not reasonable > --- > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is edit > permission,so 'Permission Details' or 'Module Permission Details' may be more > reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Reopened] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu reopened RANGER-1411: --- > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.7.0, 1.0.0 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. > 2.Web UI's Settings Permissions tab, click action to edit permission, and the > page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), > 'Module Details'(0.7.0 version ,1.0.0 version). The action is 'edit > permission',so 'Permission Details' or 'Module Permission Details' may be > more reasonable. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Issue Comment Deleted] (RANGER-1150) Optimize comments in install.properties
[ https://issues.apache.org/jira/browse/RANGER-1150?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1150: -- Comment: was deleted (was: Thanks [~gautamborad] very much. I have fixed the text,I need review,Thanks in advance.) > Optimize comments in install.properties > --- > > Key: RANGER-1150 > URL: https://issues.apache.org/jira/browse/RANGER-1150 > Project: Ranger > Issue Type: Bug > Components: usersync >Affects Versions: 0.6.0, 0.5.3 > Environment: centos6.5 x64 > ranger 0.7.0-SNAPSHOT >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Minor > Fix For: 0.5.3, 0.7.0 > > Attachments: RANGER-1150_1.patch, RANGER-1150.patch > > > The properties file of unixauthservice/scripts/install.properties has two > mistakes, and when compiled the ranger source, the install.properties would > be in ranger-0.7.0-SNAPSHOT-usersync.tar.gz. > a. the first inaccurate comment is " # a sample value would be > cn=admin,ou=users,dc=hadoop,dc=apache,dc-org". When deploy the usersync, the > comment given sample value would mislead user,especially the user do not > understant LDAP. Sample value would possibly be > cn=admin,ou=users,dc=hadoop,dc=apache,dc=org. > b. second is:"# if the value is false, typical AD would return would not > returm more than 1000 entries", the word "returm" should be "return", and the > sentence should be: "# if the value is false, typical AD would not return > more than 1000 entries." -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: 0001-RANGER-1411-Permissions-tab-pages-display-are-not-re.patch) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1411-Page-show-should-be-Modules.patch, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: 0001-RANGER-1411-Page-show-should-be-Modules.patch > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1411-Page-show-should-be-Modules.patch, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1411.patch) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0 > > Attachments: RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Description: 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions table header is Permissions,Groups,Users,Action. But the first column in the table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So the table header should be Modules,Groups,Users,Action. was: 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions table header is Permissions,Groups,Users,Action. But the first column in the table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So the table header should be Modules,Groups,Users,Action. 2.Web UI's Settings Permissions tab, click action to edit permission, and the page display bellow 'Edit Permission' is 'Policy Details' (0.6.3 version), 'Module Details'(0.7.0 version ,1.0.0 version). The action is 'edit permission',so 'Permission Details' or 'Module Permission Details' may be more reasonable. > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-0.7.0.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1411-0.7.0.patch) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1141-2-0.6.3.jpg, RANGER-1141-2-0.7.0.jpg, > RANGER-1411-0.6.3.patch, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16011826#comment-16011826 ] Haihui Xu commented on RANGER-1411: --- Review Board :https://reviews.apache.org/r/57868/ > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1141-2-0.7.0.jpg) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1411-0.6.3.patch) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1141-2-0.7.0.jpg, RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: RANGER-1141-2-0.6.3.jpg) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1141-2-0.7.0.jpg, RANGER-1411-0.6.3.patch, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: RANGER-1411.patch > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0, 0.7.1 > > Attachments: RANGER-1411-1.jpg, RANGER-1411.patch > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: (was: 0001-RANGER-1411-Page-show-should-be-Modules.patch) > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0 > > Attachments: RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (RANGER-1411) Permissions tab pages display are not reasonable
[ https://issues.apache.org/jira/browse/RANGER-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1411: -- Attachment: 0001-RANGER-1411-Page-show-should-be-Modules.patch > Permissions tab pages display are not reasonable > > > Key: RANGER-1411 > URL: https://issues.apache.org/jira/browse/RANGER-1411 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 0.6.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 1.0.0 > > Attachments: 0001-RANGER-1411-Page-show-should-be-Modules.patch, > RANGER-1411-1.jpg > > > 1.Navigate to Ranger Web UI's Settings Permissions tab, the permissions > table header is Permissions,Groups,Users,Action. But the first column in the > table is modules(Resource Based Policies,Users/Groups,Audits,Reports...). So > the table header should be Modules,Groups,Users,Action. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16198446#comment-16198446 ] Haihui Xu commented on RANGER-1823: --- [~rmani] https://reviews.apache.org/r/62860/ Thanks for your review. > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16203111#comment-16203111 ] Haihui Xu edited comment on RANGER-1823 at 10/13/17 6:35 AM: - [~rmani] You can check this out accroding to the "Description". was (Author: seymour xu): [~rmani]You can check this out accroding to the "Description". > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16203111#comment-16203111 ] Haihui Xu edited comment on RANGER-1823 at 10/13/17 6:35 AM: - [~rmani]You can check this out accroding to the "Description". was (Author: seymour xu): [~rmani] > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16203111#comment-16203111 ] Haihui Xu edited comment on RANGER-1823 at 10/13/17 6:33 AM: - [~rmani] was (Author: seymour xu): [~rmani] > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16203111#comment-16203111 ] Haihui Xu commented on RANGER-1823: --- [~rmani] > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1823: -- Description: In beeline, useraa create table hive_test, such as : CREATE TABLE hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add a policy for userbb, the policy has only "SELECT" of table hive_test; in beeline userbb execute "truncate table hive_test" / > Allowed TRUNCATE/INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1823: -- Attachment: RANGER-1823-Allowed TRUNCATE and INSERT to partition table when the policy item is only SELECT.patch > Allowed TRUNCATE/INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1823: -- Attachment: (was: RANGER-1823-Allowed TRUNCATEINSERT to partition table when the policy item is only SELECT.patch) > Allowed TRUNCATE/INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1823: -- Attachment: RANGER-1823-Allowed TRUNCATEINSERT to partition table when the policy item is only SELECT.patch > Allowed TRUNCATE/INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATEINSERT to partition table > when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"
Haihui Xu created RANGER-1823: - Summary: Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT" Key: RANGER-1823 URL: https://issues.apache.org/jira/browse/RANGER-1823 Project: Ranger Issue Type: Bug Components: plugins Affects Versions: 0.5.3 Reporter: Haihui Xu Assignee: Haihui Xu Fix For: 0.5.4, 1.0.0 -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-1823: -- Summary: Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT" (was: Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT") > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu > Fix For: 0.5.4, 1.0.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16420064#comment-16420064 ] Haihui Xu commented on RANGER-1823: --- [~rmani] This may be about with the vision of hive. I had test it using ranger-0.5.3 and apache hive-1.1.0 > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Fix For: 1.1.0 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch, Screen Shot 2018-01-24 at > 12.59.55 PM.png, clipboard.png > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16628485#comment-16628485 ] Haihui Xu edited comment on RANGER-2234 at 9/27/18 1:17 AM: The same error may occurs when executing ranger_core_db_postgres.sql/ranger_core_db_sqlanywhere.sql was (Author: seymour xu): The same error may be occurs when executing ranger_core_db_postgres.sql/ranger_core_db_sqlanywhere.sql > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234_Cannot add or update a child row,a foreign > key constraint fails when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Comment Edited] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16628485#comment-16628485 ] Haihui Xu edited comment on RANGER-2234 at 9/27/18 1:17 AM: The same error may occurs when executing ranger_core_db_postgres.sql/ranger_core_db_sqlanywhere.sql. was (Author: seymour xu): The same error may occurs when executing ranger_core_db_postgres.sql/ranger_core_db_sqlanywhere.sql > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234_Cannot add or update a child row,a foreign > key constraint fails when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"
[ https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu resolved RANGER-1823. --- Resolution: Won't Fix Fix Version/s: 0.5.3 0.7.1 > Allowed TRUNCATE and INSERT to partition table when the policy item is only > "SELECT" > > > Key: RANGER-1823 > URL: https://issues.apache.org/jira/browse/RANGER-1823 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 0.5.3, 0.7.1 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Fix For: 0.7.1, 0.5.3 > > Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition > table when the policy item is only SELECT.patch, Screen Shot 2018-01-24 at > 12.59.55 PM.png, clipboard.png > > > In beeline, useraa create table hive_test, such as : CREATE TABLE > hive_test(b string) PARTITIONED BY (a string); then in ranger admin UI add > a policy for userbb, the policy has only "SELECT" of table hive_test; in > beeline userbb execute "truncate table hive_test" / "insert into hive_test > partition(a=20171003) select 1 from hive_test" is allowed. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
Haihui Xu created RANGER-2234: - Summary: Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin Key: RANGER-2234 URL: https://issues.apache.org/jira/browse/RANGER-2234 Project: Ranger Issue Type: Bug Components: admin, Ranger Affects Versions: 1.1.0 Reporter: Haihui Xu Assignee: Haihui Xu Fix For: 2.0.0, 1.2.0 Install ranger-admin, execute setup.sh, -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Description: Install ranger-admin use mysql as the database,execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! was: Install ranger-admin, execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Install ranger-admin use mysql as the database,execute setup.sh, in progress > something happend, the error logs are
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Description: Installing ranger-admin use mysql as the database,execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! was: Install ranger-admin use mysql as the database,execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Description: Install ranger-admin, execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! was:Install ranger-admin, execute setup.sh, > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Install ranger-admin, execute setup.sh, in progress something happend, the > error logs are as flowing: > 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -input > /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql > Error executing: call insert_public_group_in_x_group_table(); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY > (`added_by_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY > (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -query "select version from x_db_version_h where version = '006' and > active = 'Y';" > 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -query "delete from x_db_version_h where version='006' and active='N' and > updated_by='bigcloudhc7';" > 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! -- This message was sent by Atlassian JIRA
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Labels: patch (was: ) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Install ranger-admin, execute setup.sh, in progress something happend, the > error logs are as flowing: > 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -input > /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql > Error executing: call insert_public_group_in_x_group_table(); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY > (`added_by_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY > (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -query "select version from x_db_version_h where version = '006' and > active = 'Y';" > 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp > /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c > \; -query "delete from x_db_version_h where version='006' and active='N' and > updated_by='bigcloudhc7';" > 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Description: Installing ranger-admin use mysql as the database,execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database ranger 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: ranger_core_db_mysql.sql 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c \; -input /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql Error executing: INSERT INTO x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! was: Installing ranger-admin use mysql as the database,execute setup.sh, in progress something happend, the error logs are as flowing: 2018-09-21 01:46:51,570 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -input /usr/bch/3.0.0/ranger-admin/db/mysql/patches/006-createdefaultpublicgroup.sql Error executing: call insert_public_group_in_x_group_table(); com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) SQLException : SQL state: 23000 com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`ranger`.`x_group`, CONSTRAINT `x_group_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 2018-09-21 01:46:52,005 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "select version from x_db_version_h where version = '006' and active = 'Y';" 2018-09-21 01:46:52,575 [JISQL] /usr/jdk64/jdk1.8.0_112/bin/java -cp /usr/bch/current/ranger-admin/ews/lib/mysql-connector-java.jar:/usr/bch/3.0.0/ranger-admin/jisql/lib/* org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://bigcloudhc5/ranger -u 'ranger' -p '' -noheader -trim -c \; -query "delete from x_db_version_h where version='006' and active='N' and updated_by='bigcloudhc7';" 2018-09-21 01:46:53,036 [E] 006-createdefaultpublicgroup.sql import failed! > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring >
[jira] [Commented] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16628472#comment-16628472 ] Haihui Xu commented on RANGER-2234: --- when executing: INSERT INTO x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); user_id value is 2, but the table x_portal_user does not exists id=2 row data. The cause is the primary key auto_increment may not add 1 each time. > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2234: -- Attachment: RANGER-2234_Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin.patch > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > Attachments: RANGER-2234_Cannot add or update a child row,a foreign > key constraint fails when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16628485#comment-16628485 ] Haihui Xu commented on RANGER-2234: --- The same error may be occurs when executing ranger_core_db_postgres.sql/ranger_core_db_sqlanywhere.sql > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0, 1.2.0 > > Attachments: RANGER-2234_Cannot add or update a child row,a foreign > key constraint fails when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu reassigned RANGER-2234: - Assignee: Haihui Xu (was: Akash Pawale) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234-02.patch, RANGER-2234-03.patch, > RANGER-2234_Cannot add or update a child row,a foreign key constraint fails > when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu reassigned RANGER-2234: - Assignee: Akash Pawale (was: Haihui Xu) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Akash Pawale >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234-02.patch, RANGER-2234-03.patch, > RANGER-2234_Cannot add or update a child row,a foreign key constraint fails > when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu reassigned RANGER-2369:
-
Assignee: Gautam Borad (was: Pradeep Agrawal)
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 2.0.0, 1.2.1
>
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu reassigned RANGER-2369:
-
Assignee: Pradeep Agrawal
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Pradeep Agrawal
>Priority: Major
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu reassigned RANGER-2369:
-
Assignee: (was: Haihui Xu)
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Priority: Major
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16793471#comment-16793471
]
Haihui Xu commented on RANGER-2369:
---
the same as in range 1.1 version,errors are:
2019-03-15 08:45:59,228 [http-bio-6080-exec-58] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=hive, logMessage=Exception [EclipseLink-4002] (Eclipse
Persistence Services - 2.5.2.v20140319-9ad6abd):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception:
com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Lock wait
timeout exceeded; try restarting transaction
Error Code: 1205
Call: UPDATE x_service_version_info SET policy_update_time = ?, policy_version
= ? WHERE (id = ?)
bind => [3 parameters bound]
Query: UpdateObjectQuery(XXServiceVersionInfo=\{id={13} serviceId=\{13}
policyVersion=\{11} policyUpdateTime=\{Fri Mar 15 08:45:08 UTC 2019}
tagVersion=\{1} tagUpdateTime=\{Mon Mar 11 08:54:44 UTC 2019} })
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:311)
at org.apache.ranger.rest.ServiceREST.secureGrantAccess(ServiceREST.java:1260)
at
org.apache.ranger.rest.ServiceREST$$FastClassBySpringCGLIB$$92dab672.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
at
org.apache.ranger.rest.ServiceREST$$EnhancerBySpringCGLIB$$54793299.secureGrantAccess()
at sun.reflect.GeneratedMethodAccessor411.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
at
com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:409)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:558)
at
com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:733)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)
at
[jira] [Updated] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2369:
--
Description:
1、enable ranger-hive-plugin successfully;
2、Multi-thread process “ grant select on table tableName to user userName“;
3、the rangeradmin (0.5.3)log errors are:
2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
{hive}
resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
replaceExistingPermissions=\{false} isRecursive=\{false}
clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse
Persistence Services - 2.5.2.v20140319-9ad6abd):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception:
com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
found when trying to get lock; try restarting transaction
Error Code: 1213
Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
bind => [6 parameters bound]
Query: UpdateObjectQuery(XXService [id=2])
at
org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
at com.sun.proxy.$Proxy20.flush(Unknown Source)
at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
at
org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
at
org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
at org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
at
org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
at
org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at
org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
was:
1、enable ranger-hive-plugin successfully;
2、Multi-thread process “ grant select on table tableName to user userName“;
3、the rangeradmin log errors are:
2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
grantAccess(NMG1_hive, GrantRevokeRequest=\{grantor={hive} resource=\{column=*;
table=bbzhenhao1; database=default; } users=\{hxatest } groups={}
accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
replaceExistingPermissions=\{false} isRecursive=\{false}
clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse
Persistence Services - 2.5.2.v20140319-9ad6abd):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception:
com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
found when trying to get lock; try restarting transaction
Error Code: 1213
Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
bind => [6 parameters bound]
Query: UpdateObjectQuery(XXService [id=2])
at
org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
[jira] [Created] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
Haihui Xu created RANGER-2369:
-
Summary: Cannot multi-thread process hive grant sql when installed
ranger-hive-plugin
Key: RANGER-2369
URL: https://issues.apache.org/jira/browse/RANGER-2369
Project: Ranger
Issue Type: Bug
Components: admin, Ranger
Affects Versions: 1.1.0, 0.5.3
Reporter: Haihui Xu
1、enable ranger-hive-plugin successfully;
2、Multi-thread process “ grant select on table tableName to user userName“;
3、the rangeradmin log errors are:
2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
grantAccess(NMG1_hive, GrantRevokeRequest=\{grantor={hive} resource=\{column=*;
table=bbzhenhao1; database=default; } users=\{hxatest } groups={}
accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
replaceExistingPermissions=\{false} isRecursive=\{false}
clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
javax.persistence.PersistenceException: Exception [EclipseLink-4002] (Eclipse
Persistence Services - 2.5.2.v20140319-9ad6abd):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception:
com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
found when trying to get lock; try restarting transaction
Error Code: 1213
Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
bind => [6 parameters bound]
Query: UpdateObjectQuery(XXService [id=2])
at
org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
at com.sun.proxy.$Proxy20.flush(Unknown Source)
at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
at
org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
at
org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
at org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
at
org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
at
org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at
org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu reassigned RANGER-2369:
-
Assignee: Haihui Xu
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2369:
--
Fix Version/s: 1.2.1
2.0.0
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 2.0.0, 1.2.1
>
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (RANGER-2185) Hive Plugin show databases permission denied when user has access to some of the databases
[ https://issues.apache.org/jira/browse/RANGER-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2185: -- Attachment: show-databases-permission-denied-ranger1.1.0.patch > Hive Plugin show databases permission denied when user has access to some of > the databases > -- > > Key: RANGER-2185 > URL: https://issues.apache.org/jira/browse/RANGER-2185 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 1.0.0 >Reporter: dhomme >Priority: Major > Labels: security > Attachments: 0001-RANGER-2185-fix-hive-show-databases-bug.patch, > show-databases-permission-denied-ranger1.1.0.patch > > > Add a resource based policy to allow a user, hive, has access to the default > database. Then execute 'show databases;' via beeline, the user should see > 'default'. Instead following error is shown: > Error: Error while compiling statement: FAILED: HiveAccessControlException > Permission denied: user [hive] does not have [USE] privilege on [*] > (state=42000,code=4) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2329) [Hive Plugin] show databases denied although user has access to some databases
[
https://issues.apache.org/jira/browse/RANGER-2329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2329:
--
Attachment: show-databases-permission-denied-ranger1.1.0.patch
> [Hive Plugin] show databases denied although user has access to some databases
> --
>
> Key: RANGER-2329
> URL: https://issues.apache.org/jira/browse/RANGER-2329
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Affects Versions: 1.0.0, 1.2.0
>Reporter: peng bo
>Priority: Major
> Labels: patch
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
> Attachments: RANGER-2329.patch,
> show-databases-permission-denied-ranger1.1.0.patch
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> a. assign select permission to user1 for database A with table * and hive
> Column *
> b. login user1 by beeline
> c. type 'show databases', error shows
> Error: Error while compiling statement: FAILED: HiveAccessControlException
> Permission denied: user [hadoop] does not have [USE] privilege on [*]
> (state=42000,code=4)
> The cause:
> It seems to be a regression introduced by
> [RANGER-1766|https://issues.apache.org/jira/browse/RANGER-1766]:
> {code:java}
> public class RangerHiveResource extends RangerAccessResourceImpl {
> public RangerHiveResource(HiveObjectType objectType, String
> databaseorUrl, String tableOrUdf, String column) {
> case DATABASE:
> +if (databaseorUrl == null) {
> + databaseorUrl = "*";
> +}
> {code}
> This code applies on "show databases" as well which prevents the according
> RangerPolicyEvaluator from being returned.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (RANGER-2185) Hive Plugin show databases permission denied when user has access to some of the databases
[ https://issues.apache.org/jira/browse/RANGER-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16848644#comment-16848644 ] Haihui Xu commented on RANGER-2185: --- I upload the patch of this issue about the ranger version 1.1.0. show-databases-permission-denied-ranger1.1.0.patch > Hive Plugin show databases permission denied when user has access to some of > the databases > -- > > Key: RANGER-2185 > URL: https://issues.apache.org/jira/browse/RANGER-2185 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 1.0.0 >Reporter: dhomme >Priority: Major > Labels: security > Attachments: 0001-RANGER-2185-fix-hive-show-databases-bug.patch, > show-databases-permission-denied-ranger1.1.0.patch, > show-databases-permission-denied-ranger1.1.0.patch > > > Add a resource based policy to allow a user, hive, has access to the default > database. Then execute 'show databases;' via beeline, the user should see > 'default'. Instead following error is shown: > Error: Error while compiling statement: FAILED: HiveAccessControlException > Permission denied: user [hive] does not have [USE] privilege on [*] > (state=42000,code=4) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2185) Hive Plugin show databases permission denied when user has access to some of the databases
[ https://issues.apache.org/jira/browse/RANGER-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2185: -- Attachment: (was: show-databases-permission-denied-ranger1.1.0.patch) > Hive Plugin show databases permission denied when user has access to some of > the databases > -- > > Key: RANGER-2185 > URL: https://issues.apache.org/jira/browse/RANGER-2185 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 1.0.0 >Reporter: dhomme >Priority: Major > Labels: security > Attachments: 0001-RANGER-2185-fix-hive-show-databases-bug.patch, > show-databases-permission-denied-ranger1.1.0.patch > > > Add a resource based policy to allow a user, hive, has access to the default > database. Then execute 'show databases;' via beeline, the user should see > 'default'. Instead following error is shown: > Error: Error while compiling statement: FAILED: HiveAccessControlException > Permission denied: user [hive] does not have [USE] privilege on [*] > (state=42000,code=4) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2185) Hive Plugin show databases permission denied when user has access to some of the databases
[ https://issues.apache.org/jira/browse/RANGER-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2185: -- Attachment: show-databases-permission-denied-ranger1.1.0.patch > Hive Plugin show databases permission denied when user has access to some of > the databases > -- > > Key: RANGER-2185 > URL: https://issues.apache.org/jira/browse/RANGER-2185 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 1.0.0 >Reporter: dhomme >Priority: Major > Labels: security > Attachments: 0001-RANGER-2185-fix-hive-show-databases-bug.patch, > show-databases-permission-denied-ranger1.1.0.patch, > show-databases-permission-denied-ranger1.1.0.patch > > > Add a resource based policy to allow a user, hive, has access to the default > database. Then execute 'show databases;' via beeline, the user should see > 'default'. Instead following error is shown: > Error: Error while compiling statement: FAILED: HiveAccessControlException > Permission denied: user [hive] does not have [USE] privilege on [*] > (state=42000,code=4) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2329) [Hive Plugin] show databases denied although user has access to some databases
[
https://issues.apache.org/jira/browse/RANGER-2329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16848645#comment-16848645
]
Haihui Xu commented on RANGER-2329:
---
I upload the patch of this issue about the ranger version 1.1.0.
show-databases-permission-denied-ranger1.1.0.patch
> [Hive Plugin] show databases denied although user has access to some databases
> --
>
> Key: RANGER-2329
> URL: https://issues.apache.org/jira/browse/RANGER-2329
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Affects Versions: 1.0.0, 1.2.0
>Reporter: peng bo
>Priority: Major
> Labels: patch
> Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1
>
> Attachments: RANGER-2329.patch
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> a. assign select permission to user1 for database A with table * and hive
> Column *
> b. login user1 by beeline
> c. type 'show databases', error shows
> Error: Error while compiling statement: FAILED: HiveAccessControlException
> Permission denied: user [hadoop] does not have [USE] privilege on [*]
> (state=42000,code=4)
> The cause:
> It seems to be a regression introduced by
> [RANGER-1766|https://issues.apache.org/jira/browse/RANGER-1766]:
> {code:java}
> public class RangerHiveResource extends RangerAccessResourceImpl {
> public RangerHiveResource(HiveObjectType objectType, String
> databaseorUrl, String tableOrUdf, String column) {
> case DATABASE:
> +if (databaseorUrl == null) {
> + databaseorUrl = "*";
> +}
> {code}
> This code applies on "show databases" as well which prevents the according
> RangerPolicyEvaluator from being returned.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (RANGER-2185) Hive Plugin show databases permission denied when user has access to some of the databases
[ https://issues.apache.org/jira/browse/RANGER-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16846523#comment-16846523 ] Haihui Xu commented on RANGER-2185: --- I find that ranger 1.1.0 has the same issue. But the solution of [~dhomme] maybe not good enough。 The method “isShowDatabasesAccessAllowed(request)” should not in RangerHiveAuthorizer.java(ranger-hive-plugin) what about the offical solution?[~rmani] > Hive Plugin show databases permission denied when user has access to some of > the databases > -- > > Key: RANGER-2185 > URL: https://issues.apache.org/jira/browse/RANGER-2185 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 1.0.0 >Reporter: dhomme >Priority: Major > Labels: security > Attachments: 0001-RANGER-2185-fix-hive-show-databases-bug.patch > > > Add a resource based policy to allow a user, hive, has access to the default > database. Then execute 'show databases;' via beeline, the user should see > 'default'. Instead following error is shown: > Error: Error while compiling statement: FAILED: HiveAccessControlException > Permission denied: user [hive] does not have [USE] privilege on [*] > (state=42000,code=4) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16916258#comment-16916258 ] Haihui Xu commented on RANGER-2551: --- ok, Thanks. See: https://reviews.apache.org/r/71371/ [~bosco] > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16916259#comment-16916259 ] Haihui Xu commented on RANGER-2551: --- [~madhan.neethiraj] Two different matters. you can see the uuid in RangerDefaultAuditHandler.java like: private static String UUID = MiscUtil.generateUniqueId(); > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Assigned] (RANGER-2234) Cannot add or update a child row,a foreign key constraint fails when installing ranger-admin
[ https://issues.apache.org/jira/browse/RANGER-2234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu reassigned RANGER-2234: - Assignee: Haihui Xu (was: Akash Pawale) > Cannot add or update a child row,a foreign key constraint fails when > installing ranger-admin > > > Key: RANGER-2234 > URL: https://issues.apache.org/jira/browse/RANGER-2234 > Project: Ranger > Issue Type: Bug > Components: admin, Ranger >Affects Versions: 1.1.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2234-02.patch, RANGER-2234-03.patch, > RANGER-2234_Cannot add or update a child row,a foreign key constraint fails > when installing ranger-admin.patch > > > Installing ranger-admin use mysql as the database,execute setup.sh, in > progress something happend, the error logs are as flowing: > 2018-09-26 17:17:08,539 [I] Table xa_access_audit does not exist in database > ranger > 2018-09-26 17:17:08,539 [I] Importing db schema to database ranger from file: > ranger_core_db_mysql.sql > 2018-09-26 17:17:08,540 [JISQL] /home/ranger/jdk1.8.0_121/bin/java -cp > /usr/share/java/mysql-connector-java.jar:/home/ranger/ranger-1.1.0-admin/jisql/lib/* > org.apache.util.sql.Jisql -driver mysqlconj -cstring > jdbc:mysql://10.139.16.75/ranger -u 'root' -p '' -noheader -trim -c > \; -input > /home/ranger/ranger-1.1.0-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql > Error executing: INSERT INTO > x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) > VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,2,'ROLE_SYS_ADMIN',1); > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) > SQLException : SQL state: 23000 > com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: > Cannot add or update a child row: a foreign key constraint fails > (`ranger`.`x_portal_user_role`, CONSTRAINT `x_portal_user_role_FK_user_id` > FOREIGN KEY (`user_id`) REFERENCES `x_portal_user` (`id`)) ErrorCode: 1452 > 2018-09-26 17:22:20,882 [E] ranger_core_db_mysql.sql file import failed! -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16915596#comment-16915596 ] Haihui Xu commented on RANGER-2551: --- The ranger audit log event happens very frequently when the kafka client access kafka broker, and finally call native method very frequently. > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2551: -- Labels: patch (was: ) > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2551: -- Attachment: RANGER-2551.patch > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Created] (RANGER-2551) Optimize obtaining the agentHostname of audit log
Haihui Xu created RANGER-2551: - Summary: Optimize obtaining the agentHostname of audit log Key: RANGER-2551 URL: https://issues.apache.org/jira/browse/RANGER-2551 Project: Ranger Issue Type: Improvement Components: plugins, Ranger Affects Versions: 1.2.0, 2.0.0, 1.1.0 Reporter: Haihui Xu Assignee: Haihui Xu Fix For: 2.1.0 Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event happens very frequently when the kafka client access kafka broker, thus affectting kafka performance. The jstack of kakfa broker pid logs is: "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] java.lang.Thread.State: RUNNABLE at java.net.Inet4AddressImpl.getLocalHostName(Native Method) at java.net.InetAddress.getLocalHost(InetAddress.java:1474) at org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) at org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) at org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Commented] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16918201#comment-16918201 ] Haihui Xu commented on RANGER-2551: --- ok, Thanks. Got it. [~bosco] > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.2#803003)
[jira] [Updated] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
[
https://issues.apache.org/jira/browse/RANGER-2566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2566:
--
Fix Version/s: 0.5.3
1.1.0
2.0.0
> Optimize logging code of RangerHiveAuthorizer
>
>
> Key: RANGER-2566
> URL: https://issues.apache.org/jira/browse/RANGER-2566
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Fix For: 0.5.3, 1.1.0, 2.0.0
>
> Attachments: RANGER-2566.patch
>
>
> The log code :
> {code:java}
> LOG.info("grantPrivileges(): " + request);
> if(LOG.isDebugEnabled()) {
> LOG.debug("grantPrivileges(): " + request);
> }
> {code}
> It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
[jira] [Updated] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
[
https://issues.apache.org/jira/browse/RANGER-2566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2566:
--
Attachment: RANGER-2566.patch
> Optimize logging code of RangerHiveAuthorizer
>
>
> Key: RANGER-2566
> URL: https://issues.apache.org/jira/browse/RANGER-2566
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Attachments: RANGER-2566.patch
>
>
> The log code :
> {code:java}
> LOG.info("grantPrivileges(): " + request);
> if(LOG.isDebugEnabled()) {
> LOG.debug("grantPrivileges(): " + request);
> }
> {code}
> It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
[jira] [Created] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
Haihui Xu created RANGER-2566:
-
Summary: Optimize logging code of RangerHiveAuthorizer
Key: RANGER-2566
URL: https://issues.apache.org/jira/browse/RANGER-2566
Project: Ranger
Issue Type: Improvement
Components: plugins
Reporter: Haihui Xu
Assignee: Haihui Xu
The log code :
{code:java}
LOG.info("grantPrivileges(): " + request);
if(LOG.isDebugEnabled()) {
LOG.debug("grantPrivileges(): " + request);
}
{code}
It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
[jira] [Updated] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
[
https://issues.apache.org/jira/browse/RANGER-2566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2566:
--
Labels: patch (was: )
> Optimize logging code of RangerHiveAuthorizer
>
>
> Key: RANGER-2566
> URL: https://issues.apache.org/jira/browse/RANGER-2566
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Labels: patch
> Fix For: 0.5.3, 1.1.0, 2.0.0
>
> Attachments: RANGER-2566.patch
>
>
> The log code :
> {code:java}
> LOG.info("grantPrivileges(): " + request);
> if(LOG.isDebugEnabled()) {
> LOG.debug("grantPrivileges(): " + request);
> }
> {code}
> It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt
[ https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2578: -- Attachment: 0002-RANGER-2578-Login-rangeradmin-password should-encrypt.patch > Login rangeradmin password should encrypt > - > > Key: RANGER-2578 > URL: https://issues.apache.org/jira/browse/RANGER-2578 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Attachments: 0001-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png > > > When login ranger admin, the password is visible when press F12. And the > password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-2578) Login rangeradmin password should encrypt
Haihui Xu created RANGER-2578: - Summary: Login rangeradmin password should encrypt Key: RANGER-2578 URL: https://issues.apache.org/jira/browse/RANGER-2578 Project: Ranger Issue Type: New Feature Components: admin, Ranger Reporter: Haihui Xu Assignee: Haihui Xu When login ranger admin, the password is visible when press F12. And the password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt
[ https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2578: -- Attachment: 49c0e28673b13ffaf2dfe7e4067fcad.png > Login rangeradmin password should encrypt > - > > Key: RANGER-2578 > URL: https://issues.apache.org/jira/browse/RANGER-2578 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Attachments: 49c0e28673b13ffaf2dfe7e4067fcad.png > > > When login ranger admin, the password is visible when press F12. And the > password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt
[ https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2578: -- Attachment: 0001-RANGER-2578-Login-rangeradmin-password should-encrypt.patch > Login rangeradmin password should encrypt > - > > Key: RANGER-2578 > URL: https://issues.apache.org/jira/browse/RANGER-2578 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Attachments: 0001-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png > > > When login ranger admin, the password is visible when press F12. And the > password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt
[ https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2578: -- Labels: patch (was: ) > Login rangeradmin password should encrypt > - > > Key: RANGER-2578 > URL: https://issues.apache.org/jira/browse/RANGER-2578 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Attachments: 0001-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png > > > When login ranger admin, the password is visible when press F12. And the > password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2578) Login rangeradmin password should encrypt
[ https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16934131#comment-16934131 ] Haihui Xu commented on RANGER-2578: --- Using AES algorithm to encrypt. Front-end encrypt password and Back-end decrypt password. > Login rangeradmin password should encrypt > - > > Key: RANGER-2578 > URL: https://issues.apache.org/jira/browse/RANGER-2578 > Project: Ranger > Issue Type: New Feature > Components: admin, Ranger >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Attachments: 0001-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password > should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png > > > When login ranger admin, the password is visible when press F12. And the > password should encrypt. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[
https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2676:
--
Summary: Before obtaining AuthzAuditEvent Object should check
xasecure.audit.destination.xx value (was: Before obtaining AuditHandler Object
should check xasecure.audit.destination.xx value)
> Before obtaining AuthzAuditEvent Object should check
> xasecure.audit.destination.xx value
>
>
> Key: RANGER-2676
> URL: https://issues.apache.org/jira/browse/RANGER-2676
> Project: Ranger
> Issue Type: Improvement
> Components: audit, plugins
>Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Critical
> Fix For: 2.0.0
>
>
> When after evalute policy and then process the auditlog,need to obtain
> AuditHandler Object and AuthzAuditEvent object
> (1)AuditHandler object obtained when init plugin according to the value of
> xasecure.audit.destination.{db/solor...}
> (2) So, obtaining AuthzAuditEvent should also according to the value of
> xasecure.audit.destination.{db/solor...}, or when AuditHandler is null or
> dummyHandler, constructing AuthzAuditEvent object is useless which is very
> frequently called and thus result in the performance decline of service(hdfs
> namenode, kakfa broker,hiveserver2...)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Created] (RANGER-2676) Before obtaining AuditHandler Object should check xasecure.audit.destination.xx value
Haihui Xu created RANGER-2676:
-
Summary: Before obtaining AuditHandler Object should check
xasecure.audit.destination.xx value
Key: RANGER-2676
URL: https://issues.apache.org/jira/browse/RANGER-2676
Project: Ranger
Issue Type: Improvement
Components: audit, plugins
Affects Versions: 1.2.0, 2.0.0, 1.1.0, 1.0.0
Reporter: Haihui Xu
Assignee: Haihui Xu
Fix For: 2.0.0
When after evalute policy and then process the auditlog,need to obtain
AuditHandler Object and AuthzAuditEvent object
(1)AuditHandler object obtained when init plugin according to the value of
xasecure.audit.destination.{db/solor...}
(2) So, obtaining AuthzAuditEvent should also according to the value of
xasecure.audit.destination.{db/solor...}, or when AuditHandler is null or
dummyHandler, constructing AuthzAuditEvent object is useless which is very
frequently called and thus result in the performance decline of service(hdfs
namenode, kakfa broker,hiveserver2...)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[ https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2676: -- Description: When after evalute policy and then process the auditlog,need to obtain AuditHandler Object and AuthzAuditEvent object (1) AuditHandler object obtained when init plugin according to the value of xasecure.audit.destination.db/solr/hdfs/... (2) So, obtaining AuthzAuditEvent should also according to the value of xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or dummyHandler, constructing AuthzAuditEvent object is useless which is very frequently called and thus result in the performance decline of service(hdfs namenode, kakfa broker,hiveserver2...) was: When after evalute policy and then process the auditlog,need to obtain AuditHandler Object and AuthzAuditEvent object (1)AuditHandler object obtained when init plugin according to the value of xasecure.audit.destination.db/solr/hdfs/... (2) So, obtaining AuthzAuditEvent should also according to the value of xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or dummyHandler, constructing AuthzAuditEvent object is useless which is very frequently called and thus result in the performance decline of service(hdfs namenode, kakfa broker,hiveserver2...) > Before obtaining AuthzAuditEvent Object should check > xasecure.audit.destination.xx value > > > Key: RANGER-2676 > URL: https://issues.apache.org/jira/browse/RANGER-2676 > Project: Ranger > Issue Type: Improvement > Components: audit, plugins >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Critical > Fix For: 2.0.0 > > > When after evalute policy and then process the auditlog,need to obtain > AuditHandler Object and AuthzAuditEvent object > (1) AuditHandler object obtained when init plugin according to the value of > xasecure.audit.destination.db/solr/hdfs/... > (2) So, obtaining AuthzAuditEvent should also according to the value of > xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or > dummyHandler, constructing AuthzAuditEvent object is useless which is very > frequently called and thus result in the performance decline of service(hdfs > namenode, kakfa broker,hiveserver2...) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[
https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2676:
--
Description:
When after evalute policy and then process the auditlog,need to obtain
AuditHandler Object and AuthzAuditEvent object
(1)AuditHandler object obtained when init plugin according to the value of
xasecure.audit.destination.{db/solor...}
(2) So, obtaining AuthzAuditEvent should also according to the value of
xasecure.audit.destination.{db/solor...},or when AuditHandler is null or
dummyHandler, constructing AuthzAuditEvent object is useless which is very
frequently called and thus result in the performance decline of service(hdfs
namenode, kakfa broker,hiveserver2...)
was:
When after evalute policy and then process the auditlog,need to obtain
AuditHandler Object and AuthzAuditEvent object
(1)AuditHandler object obtained when init plugin according to the value of
xasecure.audit.destination.{db/solor...}
(2) So, obtaining AuthzAuditEvent should also according to the value of
xasecure.audit.destination.{db/solor...}, or when AuditHandler is null or
dummyHandler, constructing AuthzAuditEvent object is useless which is very
frequently called and thus result in the performance decline of service(hdfs
namenode, kakfa broker,hiveserver2...)
> Before obtaining AuthzAuditEvent Object should check
> xasecure.audit.destination.xx value
>
>
> Key: RANGER-2676
> URL: https://issues.apache.org/jira/browse/RANGER-2676
> Project: Ranger
> Issue Type: Improvement
> Components: audit, plugins
>Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Critical
> Fix For: 2.0.0
>
>
> When after evalute policy and then process the auditlog,need to obtain
> AuditHandler Object and AuthzAuditEvent object
> (1)AuditHandler object obtained when init plugin according to the value of
> xasecure.audit.destination.{db/solor...}
> (2) So, obtaining AuthzAuditEvent should also according to the value of
> xasecure.audit.destination.{db/solor...},or when AuditHandler is null or
> dummyHandler, constructing AuthzAuditEvent object is useless which is very
> frequently called and thus result in the performance decline of service(hdfs
> namenode, kakfa broker,hiveserver2...)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[
https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2676:
--
Description:
When after evalute policy and then process the auditlog,need to obtain
AuditHandler Object and AuthzAuditEvent object
(1)AuditHandler object obtained when init plugin according to the value of
xasecure.audit.destination.db/solr/hdfs/...
(2) So, obtaining AuthzAuditEvent should also according to the value of
xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or
dummyHandler, constructing AuthzAuditEvent object is useless which is very
frequently called and thus result in the performance decline of service(hdfs
namenode, kakfa broker,hiveserver2...)
was:
When after evalute policy and then process the auditlog,need to obtain
AuditHandler Object and AuthzAuditEvent object
(1)AuditHandler object obtained when init plugin according to the value of
xasecure.audit.destination.{db/solor...}
(2) So, obtaining AuthzAuditEvent should also according to the value of
xasecure.audit.destination.{db/solor...},or when AuditHandler is null or
dummyHandler, constructing AuthzAuditEvent object is useless which is very
frequently called and thus result in the performance decline of service(hdfs
namenode, kakfa broker,hiveserver2...)
> Before obtaining AuthzAuditEvent Object should check
> xasecure.audit.destination.xx value
>
>
> Key: RANGER-2676
> URL: https://issues.apache.org/jira/browse/RANGER-2676
> Project: Ranger
> Issue Type: Improvement
> Components: audit, plugins
>Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Critical
> Fix For: 2.0.0
>
>
> When after evalute policy and then process the auditlog,need to obtain
> AuditHandler Object and AuthzAuditEvent object
> (1)AuditHandler object obtained when init plugin according to the value of
> xasecure.audit.destination.db/solr/hdfs/...
> (2) So, obtaining AuthzAuditEvent should also according to the value of
> xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or
> dummyHandler, constructing AuthzAuditEvent object is useless which is very
> frequently called and thus result in the performance decline of service(hdfs
> namenode, kakfa broker,hiveserver2...)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[ https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2676: -- Attachment: RANGER-2676.patch > Before obtaining AuthzAuditEvent Object should check > xasecure.audit.destination.xx value > > > Key: RANGER-2676 > URL: https://issues.apache.org/jira/browse/RANGER-2676 > Project: Ranger > Issue Type: Improvement > Components: audit, plugins >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Critical > Fix For: 2.0.0 > > Attachments: RANGER-2676.patch > > > When after evalute policy and then process the auditlog,need to obtain > AuditHandler Object and AuthzAuditEvent object > (1) AuditHandler object obtained when init plugin according to the value of > xasecure.audit.destination.db/solr/hdfs/... > (2) So, obtaining AuthzAuditEvent should also according to the value of > xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or > dummyHandler, constructing AuthzAuditEvent object is useless which is very > frequently called and thus result in the performance decline of service(hdfs > namenode, kakfa broker,hiveserver2...) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[ https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu updated RANGER-2676: -- Labels: patch (was: ) > Before obtaining AuthzAuditEvent Object should check > xasecure.audit.destination.xx value > > > Key: RANGER-2676 > URL: https://issues.apache.org/jira/browse/RANGER-2676 > Project: Ranger > Issue Type: Improvement > Components: audit, plugins >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Critical > Labels: patch > Fix For: 2.0.0 > > Attachments: RANGER-2676.patch > > > When after evalute policy and then process the auditlog,need to obtain > AuditHandler Object and AuthzAuditEvent object > (1) AuditHandler object obtained when init plugin according to the value of > xasecure.audit.destination.db/solr/hdfs/... > (2) So, obtaining AuthzAuditEvent should also according to the value of > xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or > dummyHandler, constructing AuthzAuditEvent object is useless which is very > frequently called and thus result in the performance decline of service(hdfs > namenode, kakfa broker,hiveserver2...) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu resolved RANGER-2369.
---
Resolution: Won't Do
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 1.2.1
>
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-2369) Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
[
https://issues.apache.org/jira/browse/RANGER-2369?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17120744#comment-17120744
]
Haihui Xu commented on RANGER-2369:
---
This may be mysql config error.
> Cannot multi-thread process hive grant sql when installed ranger-hive-plugin
>
>
> Key: RANGER-2369
> URL: https://issues.apache.org/jira/browse/RANGER-2369
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
>Affects Versions: 0.5.3, 1.1.0
>Reporter: Haihui Xu
>Assignee: Gautam Borad
>Priority: Major
> Fix For: 1.2.1
>
>
> 1、enable ranger-hive-plugin successfully;
> 2、Multi-thread process “ grant select on table tableName to user userName“;
> 3、the rangeradmin (0.5.3)log errors are:
> 2019-03-12 16:20:28,157 [http-bio-6080-exec-3] ERROR
> org.apache.ranger.rest.ServiceREST (ServiceREST.java:951) -
> grantAccess(NMG1_hive, GrantRevokeRequest={grantor=
> {hive}
> resource=\{column=*; table=bbzhenhao1; database=default; } users=\{hxatest }
> groups={} accessTypes=\{select } delegateAdmin=\{false} enableAudit=\{true}
> replaceExistingPermissions=\{false} isRecursive=\{false}
> clientIPAddress=\{10.129.3.1} clientType=\{HIVESERVER2} requestData={}
> sessionId=\{59259b8c-223c-45f5-95cd-a30671de4d79} }) failed
> javax.persistence.PersistenceException: Exception [EclipseLink-4002]
> (Eclipse Persistence Services - 2.5.2.v20140319-9ad6abd):
> org.eclipse.persistence.exceptions.DatabaseException
> Internal Exception:
> com.mysql.jdbc.exceptions.jdbc4.MySQLTransactionRollbackException: Deadlock
> found when trying to get lock; try restarting transaction
> Error Code: 1213
> Call: UPDATE x_service SET policy_update_time = ?, policy_version = ?,
> UPDATE_TIME = ?, version = ? WHERE ((id = ?) AND (version = ?))
> bind => [6 parameters bound]
> Query: UpdateObjectQuery(XXService [id=2])
> at
> org.eclipse.persistence.internal.jpa.EntityManagerImpl.flush(EntityManagerImpl.java:868)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:240)
> at com.sun.proxy.$Proxy20.flush(Unknown Source)
> at org.apache.ranger.common.db.BaseDao.update(BaseDao.java:99)
> at
> org.apache.ranger.biz.ServiceDBStore.updatePolicyVersion(ServiceDBStore.java:1896)
> at
> org.apache.ranger.biz.ServiceDBStore.handlePolicyUpdate(ServiceDBStore.java:1864)
> at
> org.apache.ranger.biz.ServiceDBStore.createPolicy(ServiceDBStore.java:1384)
> at org.apache.ranger.rest.ServiceREST.grantAccess(ServiceREST.java:946)
> at
> org.apache.ranger.rest.ServiceREST$$FastClassByCGLIB$$92dab672.invoke()
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
> at
> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
> at
> org.apache.ranger.rest.ServiceREST$$EnhancerByCGLIB$$d842e7d5.grantAccess()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[ https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17120745#comment-17120745 ] Haihui Xu commented on RANGER-2676: --- This may be performance issue, [~gautam] please review it > Before obtaining AuthzAuditEvent Object should check > xasecure.audit.destination.xx value > > > Key: RANGER-2676 > URL: https://issues.apache.org/jira/browse/RANGER-2676 > Project: Ranger > Issue Type: Improvement > Components: audit, plugins >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Critical > Labels: patch > Attachments: RANGER-2676.patch > > > When after evalute policy and then process the auditlog,need to obtain > AuditHandler Object and AuthzAuditEvent object > (1) AuditHandler object obtained when init plugin according to the value of > xasecure.audit.destination.db/solr/hdfs/... > (2) So, obtaining AuthzAuditEvent should also according to the value of > xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or > dummyHandler, constructing AuthzAuditEvent object is useless which is very > frequently called and thus result in the performance decline of service(hdfs > namenode, kakfa broker,hiveserver2...) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
[
https://issues.apache.org/jira/browse/RANGER-2566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu updated RANGER-2566:
--
Affects Version/s: 0.6.3
> Optimize logging code of RangerHiveAuthorizer
>
>
> Key: RANGER-2566
> URL: https://issues.apache.org/jira/browse/RANGER-2566
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
>Affects Versions: 0.6.3
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Labels: patch
> Attachments: RANGER-2566.patch
>
>
> The log code :
> {code:java}
> LOG.info("grantPrivileges(): " + request);
> if(LOG.isDebugEnabled()) {
> LOG.debug("grantPrivileges(): " + request);
> }
> {code}
> It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Resolved] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu resolved RANGER-2551. --- Resolution: Fixed > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Reopened] (RANGER-2551) Optimize obtaining the agentHostname of audit log
[ https://issues.apache.org/jira/browse/RANGER-2551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu reopened RANGER-2551: --- > Optimize obtaining the agentHostname of audit log > -- > > Key: RANGER-2551 > URL: https://issues.apache.org/jira/browse/RANGER-2551 > Project: Ranger > Issue Type: Improvement > Components: plugins, Ranger >Affects Versions: 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Major > Labels: patch > Fix For: 2.1.0 > > Attachments: RANGER-2551.patch > > > Firstly, kafka enable ranger-kafka-plugin,. The ranger audit log event > happens very frequently when the kafka client access kafka broker, thus > affectting kafka performance. The jstack of kakfa broker pid logs is: > "kafka-request-handler-23" #101 daemon prio=5 os_prio=0 > tid=0x7fbcce7d5000 nid=0x3331a runnable [0x7fb356e3000] > java.lang.Thread.State: RUNNABLE > at java.net.Inet4AddressImpl.getLocalHostName(Native Method) > at java.net.InetAddress.getLocalHost(InetAddress.java:1474) > at > org.apache.ranger.audit.provider.MiscUtil.getHostname(MiscUtil.java 166) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.populateDefaults(RangerDefaultAuditHandler.java:198) > at > org.apache.ranger.plugin.audit.RangerDefaultAuditHandler.getAuthezEvents(RangerDefaultAuditHandler.java:132) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (RANGER-2566) Optimize logging code of RangerHiveAuthorizer
[
https://issues.apache.org/jira/browse/RANGER-2566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haihui Xu resolved RANGER-2566.
---
Resolution: Fixed
> Optimize logging code of RangerHiveAuthorizer
>
>
> Key: RANGER-2566
> URL: https://issues.apache.org/jira/browse/RANGER-2566
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Labels: patch
> Attachments: RANGER-2566.patch
>
>
> The log code :
> {code:java}
> LOG.info("grantPrivileges(): " + request);
> if(LOG.isDebugEnabled()) {
> LOG.debug("grantPrivileges(): " + request);
> }
> {code}
> It looks strange. Maybe need to potimize.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (RANGER-3302) GetAuthzEvents should check if auditProvider is null
[
https://issues.apache.org/jira/browse/RANGER-3302?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17355451#comment-17355451
]
Haihui Xu commented on RANGER-3302:
---
[~madhan] Please review it, thanks very much.
> GetAuthzEvents should check if auditProvider is null
>
>
> Key: RANGER-3302
> URL: https://issues.apache.org/jira/browse/RANGER-3302
> Project: Ranger
> Issue Type: Improvement
> Components: audit
>Affects Versions: 2.1.0
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Labels: patch, performance
> Fix For: 2.2.0
>
> Attachments: RANGER-3302.patch
>
>
> Process the auditlog,need to getAuditProvider and getAuthzEvents, when
> logAuthzAudit, the code is
>if (auditProvider == null || !auditProvider.log(auditEvent)) {
> MiscUtil.logErrorMessageByInterval(LOG, "fail
> to log audit event " + auditEvent);
> }
> so, when getAuthzEvents should check auditProvider value, when auditProvider
> is null, there is no need to construct auditEvent, which is time-consuming
> and will result in the performance decline of service(kakfa broker,namenode,
> hiveserver2...)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Resolved] (RANGER-2676) Before obtaining AuthzAuditEvent Object should check xasecure.audit.destination.xx value
[ https://issues.apache.org/jira/browse/RANGER-2676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Haihui Xu resolved RANGER-2676. --- Fix Version/s: 1.2.1 Resolution: Fixed > Before obtaining AuthzAuditEvent Object should check > xasecure.audit.destination.xx value > > > Key: RANGER-2676 > URL: https://issues.apache.org/jira/browse/RANGER-2676 > Project: Ranger > Issue Type: Improvement > Components: audit, plugins >Affects Versions: 1.0.0, 1.1.0, 2.0.0, 1.2.0 >Reporter: Haihui Xu >Assignee: Haihui Xu >Priority: Critical > Labels: patch > Fix For: 1.2.1 > > Attachments: RANGER-2676.patch > > > When after evalute policy and then process the auditlog,need to obtain > AuditHandler Object and AuthzAuditEvent object > (1) AuditHandler object obtained when init plugin according to the value of > xasecure.audit.destination.db/solr/hdfs/... > (2) So, obtaining AuthzAuditEvent should also according to the value of > xasecure.audit.destination.db/solr/hdfs/...,or when AuditHandler is null or > dummyHandler, constructing AuthzAuditEvent object is useless which is very > frequently called and thus result in the performance decline of service(hdfs > namenode, kakfa broker,hiveserver2...) -- This message was sent by Atlassian Jira (v8.3.4#803005)
