[
https://issues.apache.org/jira/browse/HIVE-2616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13660463#comment-13660463
]
Zhuoluo (Clark) Yang commented on HIVE-2616:
--------------------------------------------
Hi!
I am curious about this patch, what will happen if
"hive.metastore.sasl.enabled" is NOT enabled and
"hive.metastore.execute.setugi" is set.
Look into it from the code, I think the ugi is passed to the HMS and meaning
nothing. The HMS will create/delete HDFS dir use the server side UGI.
Is there a way to use client side ugi to let HMS manipulate HDFS without
hive.metastore.sasl.enabled?
> Passing user identity from metastore client to server in non-secure mode
> ------------------------------------------------------------------------
>
> Key: HIVE-2616
> URL: https://issues.apache.org/jira/browse/HIVE-2616
> Project: Hive
> Issue Type: New Feature
> Components: Metastore
> Reporter: Ashutosh Chauhan
> Assignee: Ashutosh Chauhan
> Fix For: 0.8.1, 0.9.0
>
> Attachments: hive-2616_1.patch, hive-2616_3.patch, hive-2616_4.patch,
> hive-2616_5.patch, hive-2616.patch
>
>
> Currently in unsecure mode client don't pass on user identity. As a result
> hdfs and other operations done by server gets executed by user running
> metastore process instead of being done in context of client. This results in
> problem as reported here:
> http://mail-archives.apache.org/mod_mbox/hive-user/201111.mbox/%3CCAK0mCrRC3aPqtRHDe2J25Rm0JX6TS1KXxd7KPjqJjoqBjg=a...@mail.gmail.com%3E
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
