[
https://issues.apache.org/jira/browse/HIVE-20521?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thejas M Nair updated HIVE-20521:
---------------------------------
Description:
This is a result of changes in HIVE-18858.
As described by [~puneetj] in HIVE-18858 -
{quote}
This seems to have broken working scenarios with Hive MR. We now see
hadoop.tmp.dir is always set to /tmp/hadoop-hive (in job.xml). This creates
problems on a multi-tenant hadoop cluster since ownership of tmp folder is set
to the user who executes the jobs first and other users fails to write to tmp
folder.
E.g. User1 run job and /tmp/hadoop-hive is created on worker node with
ownership to user1 and sibsequently user2 tries to run a job and job fails due
to no write permission on /tmp/hadoop-hive/
Old behavior allowed multiple tenants to write to their respective tmp folders
which was secure and contention free. User1 - /tmp/hadoop-user1, User2 -
/tmp/hadoop-user2.
{quote}
The change in HIVE-18858 causes variable expansion to happen in HiveServer2,
while it was happening in the tasks (ExecMapper, ExecReducer) before that
change. THis causes "/tmp/hadoop-{user.name}" to be expanded as
/tmp/hadoop-hive instead of /tmp/hadoop-user1
was:
This is a result of changes in HIVE-18858.
As described by [~puneetj] in HIVE-18858 -
{quote}
This seems to have broken working scenarios with Hive MR. We now see
hadoop.tmp.dir is always set to /tmp/hadoop-hive (in job.xml). This creates
problems on a multi-tenant hadoop cluster since ownership of tmp folder is set
to the user who executes the jobs first and other users fails to write to tmp
folder.
E.g. User1 run job and /tmp/hadoop-hive is created on worker node with
ownership to user1 and sibsequently user2 tries to run a job and job fails due
to no write permission on /tmp/hadoop-hive/
Old behavior allowed multiple tenants to write to their respective tmp folders
which was secure and contention free. User1 - /tmp/hadoop-user1, User2 -
/tmp/hadoop-user2.
{quote}
> HS2 doAs=true has permission issue with hadoop.tmp.dir, with MR and S3A
> filesystem
> ----------------------------------------------------------------------------------
>
> Key: HIVE-20521
> URL: https://issues.apache.org/jira/browse/HIVE-20521
> Project: Hive
> Issue Type: Improvement
> Affects Versions: 3.0.0, 3.1.0
> Reporter: Thejas M Nair
> Assignee: Thejas M Nair
> Priority: Major
> Attachments: HIVE-20521.1.patch, HIVE-20521.2.patch,
> HIVE-20521.2.patch
>
>
> This is a result of changes in HIVE-18858.
> As described by [~puneetj] in HIVE-18858 -
> {quote}
> This seems to have broken working scenarios with Hive MR. We now see
> hadoop.tmp.dir is always set to /tmp/hadoop-hive (in job.xml). This creates
> problems on a multi-tenant hadoop cluster since ownership of tmp folder is
> set to the user who executes the jobs first and other users fails to write to
> tmp folder.
> E.g. User1 run job and /tmp/hadoop-hive is created on worker node with
> ownership to user1 and sibsequently user2 tries to run a job and job fails
> due to no write permission on /tmp/hadoop-hive/
> Old behavior allowed multiple tenants to write to their respective tmp
> folders which was secure and contention free. User1 - /tmp/hadoop-user1,
> User2 - /tmp/hadoop-user2.
> {quote}
>
> The change in HIVE-18858 causes variable expansion to happen in HiveServer2,
> while it was happening in the tasks (ExecMapper, ExecReducer) before that
> change. THis causes "/tmp/hadoop-{user.name}" to be expanded as
> /tmp/hadoop-hive instead of /tmp/hadoop-user1
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
