[
https://issues.apache.org/jira/browse/IMPALA-3657?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tim Armstrong resolved IMPALA-3657.
-----------------------------------
Resolution: Not A Bug
> Permission upon insert are wrong in hive warehouse table files
> --------------------------------------------------------------
>
> Key: IMPALA-3657
> URL: https://issues.apache.org/jira/browse/IMPALA-3657
> Project: IMPALA
> Issue Type: Bug
> Components: Security
> Affects Versions: Impala 2.2.3
> Environment: Cluster is Kerberized and has sentry
> Reporter: Bala Chander
> Assignee: Tim Armstrong
> Priority: Minor
> Labels: security
>
> Found an issue with permissions on warehouse.
> The Warehouse /user/hive/warehouse was set to owner hive:hive with 771
> permissions recursively. User was granted write privilege on table (tbl-1) on
> database (db-1).
> Initially all grants were done with beeline.
> Next the user switched to impala-shell and inserted some data into tbl-1. The
> permissions on the new hdfs file was the following:
> ownership : impala:hive
> permissions: 751 i.e. read and execute on group.
> The user cannot use insert overwrite via beeline sine the group hive has read
> only permissions.
> The documentation:
> http://www.cloudera.com/documentation/enterprise/latest/topics/impala_insert.html
> has the following:
> Related startup options:
> By default, if an INSERT statement creates any new subdirectories underneath
> a partitioned table, those subdirectories are assigned default HDFS
> permissions for the impala user. To make each subdirectory have the same
> permissions as its parent directory in HDFS, specify the
> --insert_inherit_permissions startup option for the impalad daemon.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
