[
https://issues.apache.org/jira/browse/HIVE-27021?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17690086#comment-17690086
]
iBenny commented on HIVE-27021:
-------------------------------
[~zabetak] Thanks for the suggestion.
{quote}Those interested to enforce permissions before dropping the table can
use [metastore
pre-listeners|https://github.com/apache/hive/blob/29dc08172ba9ae3a3f51320f656994c20198c5f0/standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/HMSHandler.java#L360].
There are also already implemented handlers that perform checks based on the
filesystem directory permissions.
{quote}
Do you mean there are already implemented handlers that perform checks based on
the filesystem directory permissions? Could you tell me which handler I should
refer to? I can only find a few PreEventListener but they are not related.
[https://github.com/apache/hive/search?q=MetaStorePreEventListener]
Or do I have to build a new PreEventListener to implement it?
> Drop table should not be success on purge enabled tables if underlying HDFS
> data delete fails
> ---------------------------------------------------------------------------------------------
>
> Key: HIVE-27021
> URL: https://issues.apache.org/jira/browse/HIVE-27021
> Project: Hive
> Issue Type: Bug
> Reporter: iBenny
> Priority: Minor
> Labels: backward-incompatible
>
> User A has drop privs for a table, but does not have delete privs on table
> HDFS path & table purge is enabled. When User A fires drop table command, HMS
> metadata is removed but HDFS files are left as-is & drop is reported
> successful leaving stale files.
> For example, the drop table query is completed successfully.
> {code:java}
> 0: jdbc:hive2://> drop table testtb_ex1
> INFO : Semantic Analysis Completed (retrial = false)
> INFO : Created Hive schema: Schema(fieldSchemas:null, properties:null)
> INFO : Completed compiling
> command(queryId=hive_20221213121153_67cc8de3-9bd1-47c5-b2ec-13f6a0cd5125);
> Time taken: 0.032 seconds
> INFO : Executing
> command(queryId=hive_20221213121153_67cc8de3-9bd1-47c5-b2ec-13f6a0cd5125):
> drop table testtb_ex1
> INFO : Starting task [Stage-0:DDL] in serial mode
> INFO : Completed executing
> command(queryId=hive_20221213121153_67cc8de3-9bd1-47c5-b2ec-13f6a0cd5125);
> Time taken: 0.413 seconds
> INFO : OK
> No rows affected (0.516 seconds) {code}
> However, the table HDFS data deletion fails
> {code:java}
> 2022-12-13 12:11:53,700 ERROR
> org.apache.hadoop.hive.metastore.utils.MetaStoreUtils: [pool-6-thread-73]:
> Got exception: org.apache.hadoop.security.AccessControlException Permission
> denied by sticky bit: user
> =oozie,
> path="/warehouse/tablespace/external/hive/testtb_ex1":hive:hive:drwxr-xr-x,
> parent="/warehouse/tablespace/external/hive":hive:hive:drwxrwxrwt{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
