Thursday, December 28, 2017

Permission issue after Sentry enabled for HDFS/HIVE/Impala/Hue

Original few tables created under user donghua, now zero table showed through “show tables” command:

0: jdbc:hive2://cdh-vm.> show tables;
| tab_name  |
No rows selected (0.386 seconds)

Permission denied for create table:

0: jdbc:hive2://cdh-vm.> create table employee3 (id int, name string);
Error: Error while compiling statement: FAILED: SemanticException No valid privileges
  User donghua does not have privileges for CREATETABLE
  The required privileges: Server=server1->Db=default->action=*; (state=42000,code=40000)

Quick solution:

login hive as user hive, and grant all permission to donghua; (refer to URL here if help needed to login as hive after kerboros enabled:

create role analyst_role;
grant all on database default to role analyst_role;
grant role analyst_role to donghua;