Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Plain View
Hive, mail # user - HDFS directory in /user/hive/warehouse getting "hive" as Owner ?


+
Sanjay Subramanian 2013-03-26, 02:01
+
Nitin Pawar 2013-03-26, 02:11
+
Nitin Pawar 2013-03-26, 02:13
+
Sanjay Subramanian 2013-03-26, 02:18
Copy link to this message
-
Re: HDFS directory in /user/hive/warehouse getting "hive" as Owner ?
Nitin Pawar 2013-03-26, 02:43
YARN should not play any role in any create table statement. It just
creates a directory with DFSClient. Normally it tries to create it with the
cli userid in my experience.

which version of hive are you using?
which is your metastore?

Can you check for the following values?

 <property>
    <name>hive.security.authorization.enabled</name>
    <value>true</value>
    <description>enable or disable the hive client authorization</description>
  </property>

  <property>
    <name>hive.security.authorization.manager</name>
    <value>org.apache.hcatalog.security.HdfsAuthorizationProvider</value>
    <description>the hive client authorization manager class name.
    The user defined authorization class should implement interface
    org.apache.hadoop.hive.ql.security.authorization.HiveAuthorizationProvider.
    </description>
  </property>

On Tue, Mar 26, 2013 at 7:48 AM, Sanjay Subramanian <
[EMAIL PROTECTED]> wrote:

>  Hi Nitin
> I notice this peculiarity in Yarn and Hive
> I have another earlier cluster with MRv1 where I have created and run
> several hive tables and scripts ; The same test Create Table script gives
> the correct owner name
>  I added location but that did not help
> hive -e "CREATE TABLE name (id INT,  name STRING) LOCATION
> '/user/hive/warehouse/name';"
>
>  Thanks
> Sanjay
>
>   From: Nitin Pawar <[EMAIL PROTECTED]>
> Reply-To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> Date: Monday, March 25, 2013 7:13 PM
> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> Subject: Re: HDFS directory in /user/hive/warehouse getting "hive" as
> Owner ?
>
>   Forgot to add,
> if you want full filesystem level security on HDFS then you will need to
> enable kerberos based security.
>
>
> On Tue, Mar 26, 2013 at 7:41 AM, Nitin Pawar <[EMAIL PROTECTED]>wrote:
>
>> Sanjay,
>>
>>  can you try adding 'LOCATION' clause to your create statement.
>> By default the hive warehouse directory is writable by all the user. To
>> create it by the individual users you need to provide by the location
>> clause.
>>
>>
>> On Tue, Mar 26, 2013 at 7:31 AM, Sanjay Subramanian <
>> [EMAIL PROTECTED]> wrote:
>>
>>>  Steps to recreate the use case:
>>>
>>>  - Log in as *sasubramanian* to Linux Box
>>> - Execute hive -e "CREATE TABLE name (id INT,  name STRING);"
>>> - Go to HDFS /user/hive/warehouse/
>>>
>>>  Name  Type  Size  Replication  Block Size  Modification Time
>>>  Permission  Owner  Group
>>> name  dir                                  2013-03-25 18:57 rwxr-xr-x
>>> *hive*   supergroup
>>>
>>>  I want the table top be created as Owner = sasubramanian
>>> How can I do that ?
>>>
>>>  Thanks
>>> sanjay
>>>
>>> CONFIDENTIALITY NOTICE
>>> =====================>>> This email message and any attachments are for the exclusive use of the
>>> intended recipient(s) and may contain confidential and privileged
>>> information. Any unauthorized review, use, disclosure or distribution is
>>> prohibited. If you are not the intended recipient, please contact the
>>> sender by reply email and destroy all copies of the original message along
>>> with any attachments, from your computer system. If you are the intended
>>> recipient, please be advised that the content of this message is subject to
>>> access, review and disclosure by the sender's Email System Administrator.
>>>
>>
>>
>>
>>   --
>> Nitin Pawar
>>
>
>
>
>  --
> Nitin Pawar
>
> CONFIDENTIALITY NOTICE
> =====================> This email message and any attachments are for the exclusive use of the
> intended recipient(s) and may contain confidential and privileged
> information. Any unauthorized review, use, disclosure or distribution is
> prohibited. If you are not the intended recipient, please contact the
> sender by reply email and destroy all copies of the original message along
> with any attachments, from your computer system. If you are the intended
> recipient, please be advised that the content of this message is subject to
> access, review and disclosure by the sender's Email System Administrator.

Nitin Pawar
+
Sanjay Subramanian 2013-03-26, 02:54
+
Nitin Pawar 2013-03-26, 03:08
+
Nitin Pawar 2013-03-26, 03:08
+
Sanjay Subramanian 2013-03-26, 03:20
+
Sanjay Subramanian 2013-03-26, 17:51
+
Sanjay Subramanian 2013-03-26, 22:46
+
Ben Kim 2013-06-07, 12:23