[ 
https://issues.apache.org/jira/browse/HIVE-18689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16363271#comment-16363271
 ] 

Sergey Shelukhin edited comment on HIVE-18689 at 2/14/18 12:18 AM:
-------------------------------------------------------------------

Discussed with [~ashutoshc] who doesn't want to restore this feature to master. 
Our current plan is to rely on new HDFS feature (ACLs) for inherit permissions 
functionality in 3.0, since Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough about this functionality to 
argue more about this.

We are basically making a conscious decision to rely on a brand new, never 
executed in production (and never even included in a released version as of 
now, as far as I know) feature for this crucial (to anyone using storage based 
auth) functionality with no possibility of fallback in case there's some issue 
with it (which we have or had for every significant new feature in Hive from 
major e.g. CBO, Tez, LLAP, Vectorization, etc., to small optimizations).

I will just leave this patch here for the record (and in case if it's needed 
for forward ports) and handle ACID separately on 2.X branch in HIVE-18710.


was (Author: sershe):
Discussed with [~ashutoshc] who doesn't want to restore this feature to master. 
Our current plan is to rely on new HDFS feature (ACLs) for inherit permissions 
functionality in 3.0, since Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough to argue more about this.

We are basically making a conscious decision to rely on a brand new, never 
executed in production (and never even included in a released version as of 
now, as far as I know) feature for this crucial (to anyone using storage based 
auth) functionality with no possibility of fallback in case there's some issue 
with it (which we have or had for every significant new feature in Hive from 
major e.g. CBO, Tez, LLAP, Vectorization, etc., to small optimizations).

I will just leave this patch here for the record (and in case if it's needed 
for forward ports) and handle ACID separately on 2.X branch in HIVE-18710.

> restore inheritPerms functionality and extend it to ACID
> --------------------------------------------------------
>
>                 Key: HIVE-18689
>                 URL: https://issues.apache.org/jira/browse/HIVE-18689
>             Project: Hive
>          Issue Type: Bug
>          Components: Transactions
>            Reporter: Sergey Shelukhin
>            Assignee: Sergey Shelukhin
>            Priority: Major
>         Attachments: HIVE-18689.patch
>
>
> This functionality was removed for no clear reason (if it doesn't apply to 
> some use case it can just be disabled).
> It's still in use; in fact, it should be extended to ACID table 
> subdirectories.
> This patch restores the functionality with some cleanup (to not access config 
> everywhere, mostly), disables it by default, and extends it to ACID tables.
> There's a coming HDFS feature that will automatically inherit permissions. 
> When that is shipped in a non-beta version and stabilized a bit, we can 
> remove this functionality... however I dunno if that is good for other 
> potential use cases, like non-HDFS file systems that do have a concept of a 
> directory (Isilon?)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to