[
https://issues.apache.org/jira/browse/SENTRY-709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
niklaus xiao updated SENTRY-709:
--------------------------------
Comment: was deleted
(was: Hi, [~asuresh] I tried this patch and found that: when grant select
privilege on a table to role role1 in default database the "show tables"
command submitted by users in this role will failed because this user doesn't
have READ privilege on path "/user/hive/warehouse" dir, acl of this path is:
{quote}
hdfs dfs -getfacl /user/hive/warehouse
15/09/25 10:15:07 INFO hdfs.PeerCache: SocketCache disabled.
# file: /user/hive/warehouse
# owner: hive
# group: hive
user::rwx
group::---
user:hive:rwx
group:hive:rwx
mask::rwx
other::--x
{quote}
Besides, the same issue happens even if database is not default.)
> Refactor Sentry HDFS Namenode Plugin to use HDFS INodeAttributesProvider
> ------------------------------------------------------------------------
>
> Key: SENTRY-709
> URL: https://issues.apache.org/jira/browse/SENTRY-709
> Project: Sentry
> Issue Type: Improvement
> Reporter: Arun Suresh
> Assignee: Arun Suresh
> Labels: integration, roadmap
> Attachments: SENTRY-709.1.patch, SENTRY-709.2.patch,
> SENTRY-709.2.patch
>
>
> Sentry HDFS namenode plugin uses a pre-committed version of the HDFS
> AuthorizationProvider interface. HADOOP 2.7.0 will ship with the new
> INodeAttributesProvider interface.
> The Namenode plugin has to be refactored to use this new interface.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
