Versions Compared

Old Version 5

changes.mady.by.user Szehon Ho

Saved on

compared with

New Version 6

changes.mady.by.user Lefty Leverenz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: add link to ConfigurationProperties--hive.warehouse.subdir.inherit.perms

...

  • Basic file permission
  • Groups (already done by HDFS for new directories)
  • Extended ACL's (already done by HDFS for new directories)

Behavior

  • When "hive.warehouse.subdir.inherit.perms" flag is enabled in Hive, Hive will try to do all above inheritances. In the future, we can add more flags for more finer-grained control.
  • Failure by Hive to inherit will not cause operation to fail. Rule of thumb of when security-prop inheritance will happen is the following:
    • To run chmod, a user must be the owner of the file, or else a super-user.
    • To run chgrp, a user must be the owner of files, or else a super-user.
    • Hence, user that hive runs as (either 'hive' or the logged-in user in case of impersonation), must be super-user or owner of the file whose security properties are going to be changed

...