HIVE-78 is what we all are waiting for :)
The hack you suggest below should be a valid interim solution, just make
sure the read-only clients have their own hive-site.xml with the proper
user/pass for the read only account, e.g.
<property>
<name>javax.jdo.option.ConnectionUserName</name>
<value>read-only-user</value>
</property>
<property>
<name>javax.jdo.option.ConnectionPassword</name>
<value>xxxxx</value>
</property>
see this for more details:
http://wiki.apache.org/hadoop/Hive/AdminManual/MetastoreAdmin
-- amr
On 1/13/2010 10:49 PM, Oscar Gothberg wrote:
Hi,
is there a way to set up users with read-only users in Hive, so that I
can have one user with write privileges that runs ETL and updates the
warehouse, adds partitions, etc, and one or more 'read-only' users
that would be able to execute SELECTs, etc, but not DDL type statements?
I'd be interested how others out there solve having separation between
producers that feed and update the data warehouse one one hand, and
the consumers on the other.
From what I understand Hive doesn't have a lot of multiuser support
yet (as described in HIVE-78 etc). Maybe one possibility could be to
have 'read-only' users use a different account in the mysql metastore
without write privileges, and have any DDL statements from such users
fail due to metastore errors, but hopefully there's a cleaner way?
Thanks,
/ Oscar
