0


hive使用时的用户权限问题

0: jdbc:hive2://node1:10000> create role root;

Error: Error while processing statement: FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Current user : ljr is not allowed to add roles. User has to belong to ADMIN role and have it as current role, for this action. (state=08S01,code=1)

对于由于用户权限引起的报错,我们知道只要对用户进行授予相关的权限就可以解决问题,但是最令人疑惑的是,这个授权的boss是谁?我们可以从报错内容看出授权的必须是belong to ADMIN role and have it as current role(属于超级管理员的角色,并且是当前的角色),下面讨论怎么进行设置;

解决办法:

1、在hive-site.xml中指定超级管理员:

vim $HIVE_HOME/conf/hive-site.xml

<property>

<name>hive.users.in.admin.role</name>

<value>ljr</value>

</property>

2、通过beeline以ljr用户进入hive

beeline -u jdbc:hive2://node1:10000 -n ljr

分别执行以下操作

set hive.users.in.admin.role;

set role admin;

create role root;

到此可以发现用户ljr已经有了创建角色的权限;事实上ljr已经拥有了hive超级管理员的所有权限

比如:未进行set role admin;时ljr是无权将test库的权限开放给其他用户的

0: jdbc:hive2://node1:10000> grant all on database test to user root;

Error: Error while processing statement: FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask. Permission denied: Principal [name=ljr, type=USER] does not have following privileges for operation GRANT_PRIVILEGE [[SELECT with grant, INSERT with grant, UPDATE with grant, DELETE with grant] on Object [type=DATABASE, name=test]] (state=08S01,code=1)

但进行以上操作后可以发现ljr可以对test库进行授权了

0: jdbc:hive2://node1:10000> grant all on database test to user root;

0: jdbc:hive2://node1:10000> show grant user root;

标签: hive hadoop 大数据

本文转载自: https://blog.csdn.net/v15220/article/details/128280452
版权归原作者 独孤雨鸿 所有, 如有侵权,请联系我们删除。

“hive使用时的用户权限问题”的评论:

还没有评论