Eugene Chung created HIVE-23296:
-----------------------------------
Summary: Setting Tez caller ID with the Hive session user
Key: HIVE-23296
URL: https://issues.apache.org/jira/browse/HIVE-23296
Project: Hive
Issue Type: Improvement
Components: Tez
Reporter: Eugene Chung
Assignee: Eugene Chung
Attachments: Screen Shot 2020-04-24 at 17.20.34.png
On the kerberized Hadoop environment, a submitter of an YARN job is the name
part of the Hive server principal. A caller ID of the job is made of the OS
user of the Hive server process.
The view and modify ACLs of the Hive server admin for all Tez tasks are set by
org.apache.hadoop.hive.ql.exec.tez.TezTask#setAccessControlsForCurrentUser() so
that the admin can see all tasks from tez-ui. But the admin hardly knows who
executed each query.
I suggest to change the caller ID to include the actual Hive user. If the user
is not known, the OS user of the Hive server process is included as is.
!Screen Shot 2020-04-24 at 17.20.34.png|width=683,height=29!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
