I'm using Ambari 2.5.0.3 with Hive 1.2.1 and have configured the authentication using PAM, following this link But when I try to connect to hive using jdbc it throws the following error:
WARN jdbc.HiveConnection: Failed to connect to localhost:10500 Error: Could not open client transport with JDBC Uri: jdbc:hive2://localhost:10500: Peer indicated failure: Error validating the login (state=08S01,code=0)
Using user hive the authentication goes, but with any other user it fails. The user that I'm trying to login with has a home folder in hdfs.
Does anybody know how to fix this?
UPDATE
When I try to login the /var/log/secure display:
Sep 1 20:31:36 ip-10-45-1-128 java: pam_securetty(login:auth): cannot determine user's tty Sep 1 20:31:36 ip-10-45-1-128 java: pam_unix(login:auth): check pass; user unknown Sep 1 20:31:36 ip-10-45-1-128 java: pam_unix(login:auth): authentication failure; logname= uid=1001 euid=1001 tty= ruser= rhost=
Although the user that I'm using is 1018 it's showing that it's trying to login with user 1001 which is hive uid in the system.
If you read article contents which you followed carefully, then you will find you are making
/etc/shadowreadable by root and users belonging to hive group only. Following are commands used for same.The /etc/shadow file is readble by root user and users from hive group. Hence when user except hive try to connect using jdbc , authentication fails.
Ideally this is not good idea to make shadow file world readable but if you have get hive connection working for all users then shadow should be world readable.