[
https://issues.apache.org/jira/browse/SPARK-5159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15074462#comment-15074462
]
Sen Fang commented on SPARK-5159:
---------------------------------
As of Spark 1.5.2, we have a similar issue that might be related to this JIRA.
I haven't test this in 1.6.0 just yet and will report back if it is still an
issue. The symptoms is that if the thriftserver is started by a user who
doesn't have permission to access the table directory on HDFS, even if a
correctly privileged user establish a SQL connection and execute a query, the
query will fail with the error message that the thriftserver start user doesn't
have permission to list the folder. However as in HIVE, the listing action
should have been performed on behalf of user instead. I can report back more
detailed steps to reproduce this problem when we test it under 1.6.0 to make
sure this issue still exists.
> Thrift server does not respect hive.server2.enable.doAs=true
> ------------------------------------------------------------
>
> Key: SPARK-5159
> URL: https://issues.apache.org/jira/browse/SPARK-5159
> Project: Spark
> Issue Type: Bug
> Components: SQL
> Affects Versions: 1.2.0
> Reporter: Andrew Ray
>
> I'm currently testing the spark sql thrift server on a kerberos secured
> cluster in YARN mode. Currently any user can access any table regardless of
> HDFS permissions as all data is read as the hive user. In HiveServer2 the
> property hive.server2.enable.doAs=true causes all access to be done as the
> submitting user. We should do the same.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
