我正在尝试将角色授予直线中的 AD 组。我面临以下错误。如果有人遇到同样的问题,请建议我解决的步骤。
GRANT ROLE role_test1 TO GROUP test1; 错误:处理语句时出错:FAILED:执行错误,从 org.apache.hadoop.hive.ql.exec.DDLTask 返回代码 1。主体 Principal [name=itops_hdp3_saie_archive_rw,type=GROUP] 中的主体类型无效(状态=08S01,代码=1)
问问题
1479 次
1 回答
0
One of the many, many, many critical informations that you did not give was: what Authorization Model do you use?
- with Ranger enabled (...not the case here...)
- with Sentry enabled (...not the case here...)
- with SQL Standard Based Hive Authorization you can GRANT privileges to a User or a Role, you can GRANT membership of a Role to a User -- but there is currently no concept of Group (see sources below); and it works only with HiveServer2, the Hive CLI does not enforce these privileges restrictions anyway
- with the Legacy Mode you could indeed GRANT privileges to a Group...
Some interesting sources:
> mail thread - Q: "Hive SQL based authorization don't have support for group?" -- A: "we haven’t added that feature" (2016-05-26)
> Hive unit tests - comment: "grant insert on group should fail" (was in SVN trunk as of 2016-09-21)
于 2016-09-21T21:14:29.950 回答