[
https://issues.apache.org/jira/browse/HIVE-28736?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Riju Trivedi updated HIVE-28736:
--------------------------------
Description:
When the table is created through HMS - e.g. directly via API or via Spark-SQL
- the HMS Authorizer of the CREATE_TABLE event involves URL (DFS_URI)
Authorization even when explicit location is not specified. This is not
consistent with Hiveserver2 authorization during the Create table.
{noformat}
scala> spark.sql("CREATE TABLE default.loctest2 (id int, txt string)")
org.apache.spark.sql.AnalysisException:
org.apache.hadoop.hive.ql.metadata.HiveException:
MetaException(message:Permission denied: user [cdpuser1] does not have [READ]
privilege on
[[hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2,
hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2/]])
at
org.apache.spark.sql.hive.HiveExternalCatalog.withClient(HiveExternalCatalog.scala:110)
at
org.apache.spark.sql.hive.HiveExternalCatalog.createTable(HiveExternalCatalog.scala:244)
{noformat}
was:
When the table is created through HMS - e.g. directly via API or via Spark-SQL
- the HMS Authorizer of the CREATE_TABLE event involves URL (DFS_URI)
Authorization when explicit location is not specified. This is not consistent
with Hiveserver2 authorization during Create table.
When the same is created through HMS - e.g. directly via API or via Spark-SQL -
the HMS Authorizer of the CREATE_TABLE event involves URL (DFS_URI)
Authorization:
{noformat}
scala> spark.sql("CREATE TABLE default.loctest2 (id int, txt string)")
23/11/16 16:47:57 WARN analysis.ResolveSessionCatalog: [main]: A Hive serde
table will be created as there is no table provider specified. You can set
spark.sql.legacy.createHiveTableByDefault to false so that native data source
table will be created instead.
23/11/16 16:47:58 WARN conf.HiveConf: [main]: HiveConf of name
hive.metastore.runworker.in does not exist
23/11/16 16:47:58 WARN client.HiveClientImpl: [main]: Detected HiveConf
hive.execution.engine is 'tez' and will be reset to 'mr' to disable useless
hive logic
Hive Session ID = 9d69bd0c-a841-45cf-bd3f-9800f138a94e
23/11/16 16:48:00 WARN metadata.Hive: [main]: Failed to register udf functions
in external driver.
org.apache.spark.sql.AnalysisException:
org.apache.hadoop.hive.ql.metadata.HiveException:
MetaException(message:Permission denied: user [cdpuser1] does not have [READ]
privilege on
[[hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2,
hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2/]])
at
org.apache.spark.sql.hive.HiveExternalCatalog.withClient(HiveExternalCatalog.scala:110)
at
org.apache.spark.sql.hive.HiveExternalCatalog.createTable(HiveExternalCatalog.scala:244)
{noformat}
> Remove DFS_URI authorization in HMS for CREATE_TABLE event with no explicit
> LOCATION
> -------------------------------------------------------------------------------------
>
> Key: HIVE-28736
> URL: https://issues.apache.org/jira/browse/HIVE-28736
> Project: Hive
> Issue Type: Bug
> Components: Metastore
> Reporter: Riju Trivedi
> Assignee: Riju Trivedi
> Priority: Major
>
> When the table is created through HMS - e.g. directly via API or via
> Spark-SQL - the HMS Authorizer of the CREATE_TABLE event involves URL
> (DFS_URI) Authorization even when explicit location is not specified. This is
> not consistent with Hiveserver2 authorization during the Create table.
> {noformat}
> scala> spark.sql("CREATE TABLE default.loctest2 (id int, txt string)")
> org.apache.spark.sql.AnalysisException:
> org.apache.hadoop.hive.ql.metadata.HiveException:
> MetaException(message:Permission denied: user [cdpuser1] does not have [READ]
> privilege on
> [[hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2,
>
> hdfs://jkovacs7217-3.jkovacs7217.root.hwx.site:8020/warehouse/tablespace/external/hive/loctest2/]])
> at
> org.apache.spark.sql.hive.HiveExternalCatalog.withClient(HiveExternalCatalog.scala:110)
> at
> org.apache.spark.sql.hive.HiveExternalCatalog.createTable(HiveExternalCatalog.scala:244)
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
