Oleksandr Polishchuk created HIVE-21532:
-------------------------------------------
Summary: RuntimeException due to AccessControlException during
creating hive-staging-dir
Key: HIVE-21532
URL: https://issues.apache.org/jira/browse/HIVE-21532
Project: Hive
Issue Type: Bug
Reporter: Oleksandr Polishchuk
The bug was found with environment - Hive-2.3.
Steps lead to an exception:
1) Create user without root permissions on your node.
2) The {{hive-site.xml}} file has to contain the next properties:
{code:java}
<property>
<name>hive.security.authorization.enabled</name>
<value>true</value>
</property>
<property>
<name>hive.security.authorization.manager</name>
<value>org.apache.hadoop.hive.ql.security.authorization.plugin.fallback.FallbackHiveAuthorizerFactory</value>
</property>
{code}
3) Open Hive CLI and do next query:
{code:java}
insert overwrite local directory '/tmp/test_dir' row format delimited fields
terminated by ',' select * from temp.test;
{code}
The previous query will fails with the next exception:
{code:java}
FAILED: RuntimeException Cannot create staging directory
'hdfs:///tmp/test_dir/.hive-staging_hive_2019-03-28_11-51-05_319_5882446299335967521-1':
User testuser(user id 3456) has been denied access to create
.hive-staging_hive_2019-03-28_11-51-05_319_5882446299335967521-1
{code}
The investigation shows that if delete the mentioned above properties from
{{hive-site.xml}} and pass {{`queryTmpdir`}} instead of {{`dest_path`}} in the
{{org.apache.hadoop.hive.ql.Context#getTempDirForPath()}} as was in the
Hive-2.1. everything will be fine. The current method is using in the
{{org.apache.hadoop.hive.ql.parse.SemanticAnalyzer}} - {{String statsTmpLoc =
ctx.getTempDirForPath(dest_path).toString();}}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
