[
https://issues.apache.org/jira/browse/HIVE-6907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13968936#comment-13968936
]
Vaibhav Gumashta commented on HIVE-6907:
----------------------------------------
[~thejas] Thanks for fixing the issue.
Here is the root cause: ideally when a foreground thread creates a background
thread, the thread's Access Control Context is inherited
(http://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/security-spec.doc4.html).
However, in our case, we're using a thread pool; so threads are not
necessarily created by the foreground thread. Therefore, an explicit doAs is
necessary when switching to background thread.
> HiveServer2 - wrong user gets used for metastore operation with embedded
> metastore
> ----------------------------------------------------------------------------------
>
> Key: HIVE-6907
> URL: https://issues.apache.org/jira/browse/HIVE-6907
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Affects Versions: 0.13.0
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Blocker
> Attachments: HIVE-6907.1.patch, HIVE-6907.2.patch
>
>
> When queries are being run concurrently against HS2, sometimes the wrong user
> ends performing the metastore action and you get an error like -
> {code}
> ..INFO|java.sql.SQLException: Error while processing statement: FAILED:
> Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask.
> MetaException(message:java.security.AccessControlException: action WRITE not
> permitted on path hdfs://example.net:8020/apps/hive/warehouse/tbl_4eeulg9zp4
> for user hrt_qa)
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
