Vihang Karajgaonkar created IMPALA-8550: -------------------------------------------
Summary: Sentry refresh privileges has race conditions Key: IMPALA-8550 URL: https://issues.apache.org/jira/browse/IMPALA-8550 Project: IMPALA Issue Type: Bug Reporter: Vihang Karajgaonkar Recently, I encountered a race condition in \{{SentryProxy}}'s refreshSentryAuthorization loop. The race happens when Sentry server is slow to update its information based on changes in HMS. Consider the following scenario: # Impala session from user A creates a database/table. # AuthorizationManager will updateDatabaseOwnerPrivilege [here|[https://github.com/apache/impala/blob/master/fe/src/main/java/org/apache/impala/service/CatalogOpExecutor.java#L1159]] Note that this add adds the user privilege in Catalog's cache out-of-band (without confirming that Sentry has added this privilege in its database) # Assume that Sentry is slow to update its database of roles/privileges. (Actually depending on the timing of these events, it doesn't really matter but likely increases if Sentry is slow. # The refreshSentryAuthorization loop is triggered based on a configured interval [here|[https://github.com/apache/impala/blob/master/fe/src/main/java/org/apache/impala/authorization/sentry/SentryProxy.java#L174]]. Since Sentry has not yet updated its database of the owner information, this loop will remove the privilege from Catalog. Any subsequent SQL which requires privileges will fail until Sentry is synced and refresh loop adds this privilege again the catalog cache. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-all-unsubscr...@impala.apache.org For additional commands, e-mail: issues-all-h...@impala.apache.org