The property should be named hadoop.proxyuser.dcos.groups and
hadoop.proxyuser.dcos.groups if you are running HS2 as user dcos.
Also, user dcos should belong to the group dcos if that setting is to
work. I assume you are trying to have hive.server2.enable.doAs=true.
I am not sure why you are seeing different behavior with hive 1.2.1 .
On Wed, May 4, 2016 at 12:27 AM, kevin <email@example.com> wrote:
> I found hadoop info is :2016-05-04 13:49:33,785 INFO
> org.apache.hadoop.ipc.Server: Socket Reader #1 for port 9000:
> readAndProcess from client 10.1.3.120 threw exception
> [org.apache.hadoop.security.authorize.AuthorizationException: User: dcos is
> not allowed to impersonate dcos]
> and when I trun to hive1.2.1 the problem is gone. is hive2 not match
> 2016-05-04 11:29 GMT+08:00 kevin <firstname.lastname@example.org>:
>> hi all;
>> I use hive-2.0.0 with hadoop2.7.1 when I connect to the hiveserver2 I got
>> msg : Failed to open new session: java.lang.RuntimeException:
>> User: dcos is not allowed to impersonate dcos
>> dcos is the user i use start hiverserver2.
>> also I try to config hadoop core-site.xml whih : but not help
>> <description>Allow the superuser oozie to impersonate any members of
>> the group group1 and group2</description>
>> <description>The superuser can connect only from host1 and host2 to
>> impersonate a user</description>