Common errors
This section list the common issues that you might run into during the DLM installation.
- Access denied for user Beacon. Superuser privilege is required.
Beacon user should be setup as HDFS superuser.
Permission denied:
Beacon user should be setup as HDFS superuser.user=beacon, access=READ, inode="<some directory>":<user>:<group>:drwxr-xr-x
- Authentication failure while communicating to Ranger admin:
Check the ranger admin logs at /var/log/ranger/admin/xa_portal.log. If the error is ‘
Request failed. loginId=<beacon user>, logMessage=User is not allowed to access the API
’, make sure the Beacon user is setup as Ranger admin or even DLM engine restart will setup the required users and their permissions. -
org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAccessControlException:Permission denied: user [beacon] does not have [REPLADMIN] privilege on [`<dbname>`]
Beacon user should have repladmin privileges in Hive, please set up these Hive authorisation rules in Ranger.
-
Error while compiling statement:
FAILED: SemanticException org.apache.hadoop.security.AccessControlException: Permission denied: user=hive, access=EXECUTE, inode="/apps/hive/repl/563db5d9-caee-4015-b020-9cbd7bd8b41b/_dumpmetadata":beacon:hadoop:drwx------
Check that Hive is setup with
doas=false
. -
Hive replication fails with the following error in hiveserver2.log - ‘
Unauthorized connection for super-user: hive/<host>@EXAMPLE.COM from IP <ip>
’Hadoop.proxyuser.hive.hosts should be set to
*
-
org.apache.hadoop.security.authorize.AuthorizationException: User:beacon not allowed to do 'DECRYPT_EEK' on 'backup-encryption-key'
Beacon user should have access to encryption key used in TDE setup.
- On DLM UI, error in connecting to DLM engine.
- Replication job failing with Ranger authentication.