[
https://issues.apache.org/jira/browse/RANGER-1680?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrei Saniuk updated RANGER-1680:
----------------------------------
Summary: Hive user can't read from HDFS when trying to "LOAD DATA INPATH"
in spite of HDFS access is granted by Ranger (was: Hive user can't read from
HDFS when trying to "LOAD DATA INPATH" inspite of HDFS access is granted by
Ranger)
> Hive user can't read from HDFS when trying to "LOAD DATA INPATH" in spite of
> HDFS access is granted by Ranger
> --------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-1680
> URL: https://issues.apache.org/jira/browse/RANGER-1680
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Environment: HDP26 cluster protected with ranger
> Reporter: Andrei Saniuk
>
> I've enabled hive.server2.enable.doAs=false and granted all permissions for
> source file path in HDFS to user 'hive'. When I'm trying to load data into
> internal table, an error occures
> {code}INFO : Loading data to table tablename from
> hdfs://myclusterhdfs:8020/user/test/ ERROR : Failed with exception
> org.apache.hadoop.security.AccessControlException: Permission denied.
> user=hive is not the owner of inode=sometext.txt at
> org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkOwner(FSPermissionChecker.java:250)
> at
> org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkPermission(FSPermissionChecker.java:227)
> at
> org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer$RangerAccessControlEnforcer.checkPermission(RangerHd
> fsAuthorizer.java:307){code}
> Inspite of this, data is loaded into table. The file is copied into
> /apps/hive/mytable, but its owner is not user 'hive'
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
