Trying to configure the HIVE plugin for Kerberised, HA, HDP 2.4.2. Advanced ranger-hive-plugin-properties: Ranger repository config user = rangerrepouser@AD.EXAMPLE<mailto:rangerrepouser@AD.EXAMPLE> Ranger repository config password = password common.name.for.certificate = jdbc.driverClassName= org.apache.hive.jdbc.HiveDriver Policy user for HIVE = ambari-qa
Ranger Hive pluging configs: Username = rangerrepouser@MAILTRACK.LOCAL<mailto:rangerrepouser@MAILTRACK.LOCAL> Password = password jdbc.driverClassName= org.apache.hive.jdbc.HiveDriver jdbc.url = jdbc:hive2://hdpmaster01:10000/default;principal=hive/hdpmaster01@AD.EXAMPLE 2016-06-15 17:47:01,270 [timed-executor-pool-0] INFO org.apache.ranger.plugin.client.BaseClient (BaseClient.java:100) - Init Login: using username/password 2016-06-15 17:47:01,377 [timed-executor-pool-0] INFO apache.ranger.services.hive.client.HiveClient (HiveClient.java:66) - Secured Mode: JDBC Connection done with preAuthenticated Subject 2016-06-15 17:47:01,492 [timed-executor-pool-0] ERROR apache.ranger.services.hive.client.HiveResourceMgr (HiveResourceMgr.java:51) - <== HiveResourceMgr.testConnection Error: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]. 2016-06-15 17:47:01,493 [timed-executor-pool-0] ERROR org.apache.ranger.services.hive.RangerServiceHive (RangerServiceHive.java:58) - <== RangerServiceHive.validateConfig Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]. 2016-06-15 17:47:01,493 [timed-executor-pool-0] ERROR org.apache.ranger.biz.ServiceMgr$TimedCallable (ServiceMgr.java:434) - TimedCallable.call: Error:org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]. 2016-06-15 17:47:01,494 [http-bio-6080-exec-12] ERROR org.apache.ranger.biz.ServiceMgr (ServiceMgr.java:120) - ==> ServiceMgr.validateConfig Error:java.util.concurrent.ExecutionException: org.apache.ranger.plugin.client.HadoopException: Unable to execute SQL [show databases like "*"]. I can successfully connect to beeline using: $ beeline -u 'jdbc:hive2://hdpmaster01:10000/default;principal=hive/hdpmaster01@AD.EXAMPLE' But then if I do 'SHOW DATABASES', I see the following error: Error: Error while compiling statement: FAILED: HiveAccessControlException Permission denied: user [dale] does not have [USE] privilege on [null] (state=42000,code=40000) Any ideas how to get this working? Thanks, Dale
