[jira] [Created] (HIVE-12417) Support for exclamation mark missing in regexp
Olaf Flebbe created HIVE-12417:
--
Summary: Support for exclamation mark missing in regexp
Key: HIVE-12417
URL: https://issues.apache.org/jira/browse/HIVE-12417
Project: Hive
Issue Type: Bug
Affects Versions: 1.2.1
Reporter: Olaf Flebbe
Assignee: Olaf Flebbe
with HIVE-6013 gets support for regular expressions. However, die ! character
is valid, too. It is needed for expressions like
{code}
set hive.support.quoted.identifiers = none;
select '^(?!donotuseme).*$ from table;
{code}
which is the idiom to select all but column {{donotuseme}} .
See http://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for a
reference of supported chars in Java regexp.
The patch simply fixes the lexer to support '!' as REGEX char. And does simply
work.
Please review.
If you like to have an iTest for it, I beg you to help me. I tried several days
on a different issue to figure out how it is supposed to work and failed
miserably.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (HIVE-11175) create function using jar does not work with sql std authorization
Olaf Flebbe created HIVE-11175:
--
Summary: create function using jar does not work with sql std
authorization
Key: HIVE-11175
URL: https://issues.apache.org/jira/browse/HIVE-11175
Project: Hive
Issue Type: Bug
Components: Authorization
Affects Versions: 1.2.0
Reporter: Olaf Flebbe
Fix For: 2.0.0
{{create function xxx as 'xxx' using jar 'file://foo.jar' }}
gives error code for need of accessing a local foo.jar resource with ADMIN
privileges. Same for HDFS (DFS_URI) .
problem is that the semantic analysis enforces the ADMIN privilege for write
but the jar is clearly input not output.
Patch und Testcase appendend.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (HIVE-10240) Patch HIVE-9473 breaks KERBEROS
Olaf Flebbe created HIVE-10240:
--
Summary: Patch HIVE-9473 breaks KERBEROS
Key: HIVE-10240
URL: https://issues.apache.org/jira/browse/HIVE-10240
Project: Hive
Issue Type: Bug
Components: Authentication, HiveServer2
Affects Versions: 1.0.0
Reporter: Olaf Flebbe
Fix For: 1.0.1
The patch from HIVE-9473 introduces a regression. Hive-Server2 does not start
properly any more for our config (more or less the bigtop environment)
sql std auth enabled, enableDoAs disabled, tez enabled, kerberos enabled.
Problem seems to be that the kerberos ticket is not present when hive-server2
tries first to access HDFS. When HIVE-9473 is reverted getting the ticket is
one of the first things hive-server2 does.
Posting startup of vanilla hive-1.0.0 and startup of a hive-1.0.0 with this
commit revoked, where hive-server2 correctly starts.
{code}
commit 35582c2065a6b90b003a656bdb3b0ff08b0c35b9
Author: Thejas Nair
Date: Fri Jan 30 00:05:50 2015 +
HIVE-9473 : sql std auth should disallow built-in udfs that allow any java
methods to be called (Thejas Nair, reviewed by Jason Dere)
git-svn-id:
https://svn.apache.org/repos/asf/hive/branches/branch-1.0@1655891
13f79535-47bb-0310-9956-ffa450edef68
{code}
revoked.
Startup of vanilla hive-1.0.0 hive-server2
{code}
STARTUP_MSG: build =
git://os2-debian80/net/os2-debian80/fs1/olaf/bigtop/output/hive/hive-1.0.0 -r
813996292c9f966109f990127ddd5673cf813125; compiled by 'olaf' on Tue Apr 7
09:33:01 CEST 2015
/
2015-04-07 10:23:52,579 INFO [main]: server.HiveServer2
(HiveServer2.java:startHiveServer2(292)) - Starting HiveServer2
2015-04-07 10:23:53,104 INFO [main]: metastore.HiveMetaStore
(HiveMetaStore.java:newRawStore(556)) - 0: Opening raw store with implemenation
class:org.apache.hadoop.hive.metastore.ObjectStore
2015-04-07 10:23:53,135 INFO [main]: metastore.ObjectStore
(ObjectStore.java:initialize(264)) - ObjectStore, initialize called
2015-04-07 10:23:54,775 INFO [main]: metastore.ObjectStore
(ObjectStore.java:getPMF(345)) - Setting MetaStore object pin classes with
hive.metastore.cache.pinobjtypes="Table,StorageDescriptor,SerDeInfo,Pa
rtition,Database,Type,FieldSchema,Order"
2015-04-07 10:23:56,953 INFO [main]: metastore.MetaStoreDirectSql
(MetaStoreDirectSql.java:(132)) - Using direct SQL, underlying DB is DERBY
2015-04-07 10:23:56,954 INFO [main]: metastore.ObjectStore
(ObjectStore.java:setConf(247)) - Initialized ObjectStore
2015-04-07 10:23:57,275 INFO [main]: metastore.HiveMetaStore
(HiveMetaStore.java:createDefaultRoles_core(630)) - Added admin role in
metastore
2015-04-07 10:23:57,276 INFO [main]: metastore.HiveMetaStore
(HiveMetaStore.java:createDefaultRoles_core(639)) - Added public role in
metastore
2015-04-07 10:23:58,241 WARN [main]: ipc.Client (Client.java:run(675)) -
Exception encountered while connecting to the server :
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException:
No valid credentials provided (Mechanism level: Failed to find any Kerberos
tgt)]
2015-04-07 10:23:58,248 WARN [main]: ipc.Client (Client.java:run(675)) -
Exception encountered while connecting to the server :
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException:
No valid credentials provided (Mechanism level: Failed to find any Kerberos
tgt)]
2015-04-07 10:23:58,249 INFO [main]: retry.RetryInvocationHandler
(RetryInvocationHandler.java:invoke(140)) - Exception while invoking
getFileInfo of class ClientNamenodeProtocolTranslatorPB over
node2.proto.bsi.de/192.168.100.22:8020 after 1 fail over attempts. Trying to
fail over immediately.
java.io.IOException: Failed on local exception: java.io.IOException:
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException:
No valid credentials provided (Mechanism level: Failed to find any Kerberos
tgt)]; Host Details : local host is: "node2.proto.bsi.de/192.168.100.22";
destination host is: "node2.proto.bsi.de":8020;
at org.apache.hadoop.net.NetUtils.wrapException(NetUtils.java:772)
at org.apache.hadoop.ipc.Client.call(Client.java:1472)
at org.apache.hadoop.ipc.Client.call(Client.java:1399)
at
org.apache.hadoop.ipc.ProtobufRpcEngine$Invoker.invoke(ProtobufRpcEngine.java:232)
at com.sun.proxy.$Proxy14.getFileInfo(Unknown Source)
at
org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolTranslatorPB.getFileInfo(ClientNamenodeProtocolTranslatorPB.java:752)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
[jira] [Created] (HIVE-9941) sql std authorization on partitioned table: truncate and insert
Olaf Flebbe created HIVE-9941:
-
Summary: sql std authorization on partitioned table: truncate and
insert
Key: HIVE-9941
URL: https://issues.apache.org/jira/browse/HIVE-9941
Project: Hive
Issue Type: Bug
Components: Authorization
Affects Versions: 0.14.0
Reporter: Olaf Flebbe
sql std authorization works as expected.
However if a table is partitioned any user can truncate it
User foo:
{code}
create table bla (a string) partitioned by (b string);
#.. loading values ...
{code}
Admin:
{code}
0: jdbc:hive2://localhost:1/default> set role admin;
No rows affected (0,074 seconds)
0: jdbc:hive2://localhost:1/default> show grant on bla;
+---+++-+-+-++---++--+--+
| database | table | partition | column | principal_name | principal_type
| privilege | grant_option | grant_time | grantor |
+---+++-+-+-++---++--+--+
| default | bla|| | foo | USER
| DELETE | true | 1426158997000 | foo |
| default | bla|| | foo | USER
| INSERT | true | 1426158997000 | foo |
| default | bla|| | foo | USER
| SELECT | true | 1426158997000 | foo |
| default | bla|| | foo | USER
| UPDATE | true | 1426158997000 | foo |
+---+++-+-+-++---++--+--+
{code}
now user olaf
{code}
0: jdbc:hive2://localhost:1/default> select * from bla;
Error: Error while compiling statement: FAILED: HiveAccessControlException
Permission denied: Principal [name=olaf, type=USER] does not have following
privileges for operation QUERY [[SELECT] on Object [type=TABLE_OR_VIEW,
name=default.bla]] (state=42000,code=4)
{code}
_BUT_
{code}
0: jdbc:hive2://localhost:1/default> truncate table bla;
No rows affected (0,18 seconds)
{code}
And table is empty afterwards.
Similarily: {{insert into table}} works, too.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HIVE-8953) 0.5.2-SNAPSHOT Dependency
[ https://issues.apache.org/jira/browse/HIVE-8953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14225937#comment-14225937 ] Olaf Flebbe commented on HIVE-8953: --- Seems to be fixed in 0.14 branch. Any plans to release a 0.14.1 an urgent bug-fix release? > 0.5.2-SNAPSHOT Dependency > - > > Key: HIVE-8953 > URL: https://issues.apache.org/jira/browse/HIVE-8953 > Project: Hive > Issue Type: Bug >Affects Versions: 0.14.0 > Environment: Compiling for Apache BIGTOP. >Reporter: Olaf Flebbe > > I have the issue that hive shim 0.23 needs tez Version 0.5.2-SNAPSHOT. > Hm, I have no clue what SNAPSHOT of Apache Tez should be used. There is no > 0.5.2-SNAPSHOT in Maven Central Repository. > Can I use 0.5.2 ? (This seems to be released) > This relates to: [HIVE-8614] I have the same problem as the reporter. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (HIVE-8953) 0.5.2-SNAPSHOT Dependency
Olaf Flebbe created HIVE-8953: - Summary: 0.5.2-SNAPSHOT Dependency Key: HIVE-8953 URL: https://issues.apache.org/jira/browse/HIVE-8953 Project: Hive Issue Type: Bug Affects Versions: 0.14.0 Environment: Compiling for Apache BIGTOP. Reporter: Olaf Flebbe I have the issue that hive shim 0.23 needs tez Version 0.5.2-SNAPSHOT. Hm, I have no clue what SNAPSHOT of Apache Tez should be used. There is no 0.5.2-SNAPSHOT in Maven Central Repository. Can I use 0.5.2 ? (This seems to be released) This relates to: [HIVE-8614] I have the same problem as the reporter. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Resolved] (HIVE-8939) Liste der Dienste die Authentisierung benötigen
[ https://issues.apache.org/jira/browse/HIVE-8939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Olaf Flebbe resolved HIVE-8939. --- Resolution: Invalid Wrong JIRA ;-( > Liste der Dienste die Authentisierung benötigen > --- > > Key: HIVE-8939 > URL: https://issues.apache.org/jira/browse/HIVE-8939 > Project: Hive > Issue Type: Bug >Reporter: Olaf Flebbe > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (HIVE-8939) Liste der Dienste die Authentisierung benötigen
Olaf Flebbe created HIVE-8939: - Summary: Liste der Dienste die Authentisierung benötigen Key: HIVE-8939 URL: https://issues.apache.org/jira/browse/HIVE-8939 Project: Hive Issue Type: Bug Reporter: Olaf Flebbe -- This message was sent by Atlassian JIRA (v6.3.4#6332)
