[ https://issues.apache.org/jira/browse/IMPALA-3657?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tim Armstrong resolved IMPALA-3657. ----------------------------------- Resolution: Not A Bug > Permission upon insert are wrong in hive warehouse table files > -------------------------------------------------------------- > > Key: IMPALA-3657 > URL: https://issues.apache.org/jira/browse/IMPALA-3657 > Project: IMPALA > Issue Type: Bug > Components: Security > Affects Versions: Impala 2.2.3 > Environment: Cluster is Kerberized and has sentry > Reporter: Bala Chander > Assignee: Tim Armstrong > Priority: Minor > Labels: security > > Found an issue with permissions on warehouse. > The Warehouse /user/hive/warehouse was set to owner hive:hive with 771 > permissions recursively. User was granted write privilege on table (tbl-1) on > database (db-1). > Initially all grants were done with beeline. > Next the user switched to impala-shell and inserted some data into tbl-1. The > permissions on the new hdfs file was the following: > ownership : impala:hive > permissions: 751 i.e. read and execute on group. > The user cannot use insert overwrite via beeline sine the group hive has read > only permissions. > The documentation: > http://www.cloudera.com/documentation/enterprise/latest/topics/impala_insert.html > has the following: > Related startup options: > By default, if an INSERT statement creates any new subdirectories underneath > a partitioned table, those subdirectories are assigned default HDFS > permissions for the impala user. To make each subdirectory have the same > permissions as its parent directory in HDFS, specify the > --insert_inherit_permissions startup option for the impalad daemon. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org