[ 
https://issues.apache.org/jira/browse/RANGER-1680?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Saniuk updated RANGER-1680:
----------------------------------
    Summary: Hive user can't read from HDFS when trying to "LOAD DATA INPATH" 
in spite of HDFS access is granted by Ranger   (was: Hive user can't read from 
HDFS when trying to "LOAD DATA INPATH" inspite of HDFS access is granted by 
Ranger)

> Hive user can't read from HDFS when trying to "LOAD DATA INPATH" in spite of 
> HDFS access is granted by Ranger 
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-1680
>                 URL: https://issues.apache.org/jira/browse/RANGER-1680
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>         Environment: HDP26 cluster protected with ranger
>            Reporter: Andrei Saniuk
>
> I've enabled hive.server2.enable.doAs=false and granted all permissions for 
> source file path in HDFS to user 'hive'. When I'm trying to load data into 
> internal table, an error occures
> {code}INFO : Loading data to table tablename from 
> hdfs://myclusterhdfs:8020/user/test/ ERROR : Failed with exception 
> org.apache.hadoop.security.AccessControlException: Permission denied. 
> user=hive is not the owner of inode=sometext.txt at 
> org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkOwner(FSPermissionChecker.java:250)
>  at 
> org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkPermission(FSPermissionChecker.java:227)
>  at 
> org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer$RangerAccessControlEnforcer.checkPermission(RangerHd
>  fsAuthorizer.java:307){code}
> Inspite of this, data is loaded into table. The file is copied into 
> /apps/hive/mytable, but its owner is not user 'hive'



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to