[ 
https://issues.apache.org/jira/browse/HIVE-18689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16363271#comment-16363271
 ] 

Sergey Shelukhin edited comment on HIVE-18689 at 2/14/18 12:20 AM:
-------------------------------------------------------------------

Discussed with [~ashutoshc] who doesn't want to restore this feature to master. 
Our current plan is to rely on new HDFS feature (ACLs) for inherit permissions 
functionality in 3.0, since Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough about this functionality to 
argue more about this.

We are basically making a conscious decision to rely on a brand new, never 
executed in production (and never even included in a released version as of 
now, as far as I know) feature for this crucial (for anyone using storage based 
auth) functionality with no possibility of fallback in case there's some issue 
with it; the kind of fall-back we had, and often used and still use, for every 
significant new feature in Hive from major e.g. CBO, Tez, LLAP, Vectorization, 
etc., to small optimizations.

I will just leave this patch here for the record (and in case if it's needed 
for forward ports) and handle ACID separately on 2.X branch in HIVE-18710.


was (Author: sershe):
Discussed with [~ashutoshc] who doesn't want to restore this feature to master. 
Our current plan is to rely on new HDFS feature (ACLs) for inherit permissions 
functionality in 3.0, since Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough about this functionality to 
argue more about this.

We are basically making a conscious decision to rely on a brand new, never 
executed in production (and never even included in a released version as of 
now, as far as I know) feature for this crucial (for anyone using storage based 
auth) functionality with no possibility of fallback in case there's some issue 
with it; the kind of fall-back we had, and often used and still use, for every 
significant new feature in Hive from major e.g. CBO, Tez, LLAP, Vectorization, 
etc., to small optimizations).

I will just leave this patch here for the record (and in case if it's needed 
for forward ports) and handle ACID separately on 2.X branch in HIVE-18710.

> restore inheritPerms functionality and extend it to ACID
> --------------------------------------------------------
>
>                 Key: HIVE-18689
>                 URL: https://issues.apache.org/jira/browse/HIVE-18689
>             Project: Hive
>          Issue Type: Bug
>          Components: Transactions
>            Reporter: Sergey Shelukhin
>            Assignee: Sergey Shelukhin
>            Priority: Major
>         Attachments: HIVE-18689.patch
>
>
> This functionality was removed for no clear reason (if it doesn't apply to 
> some use case it can just be disabled).
> It's still in use; in fact, it should be extended to ACID table 
> subdirectories.
> This patch restores the functionality with some cleanup (to not access config 
> everywhere, mostly), disables it by default, and extends it to ACID tables.
> There's a coming HDFS feature that will automatically inherit permissions. 
> When that is shipped in a non-beta version and stabilized a bit, we can 
> remove this functionality... however I dunno if that is good for other 
> potential use cases, like non-HDFS file systems that do have a concept of a 
> directory (Isilon?)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to