AnsweredAssumed Answered

hive authorization

Question asked by sriharsha on Sep 13, 2013
Latest reply on Sep 16, 2013 by vkorukanti
Hi ,

 i am trying to set hive authorization on the cluster. i setup the following properties

    <property>
      <name>hive.security.authorization.enabled</name>
      <value>true</value>
      <description>enable or disable the hive client authorization</description>
    </property>
    
    <property>
      <name>hive.security.authorization.createtable.owner.grants</name>
      <value>ALL</value>
      <description>the privileges automatically granted to the owner whenever a table gets created.
       An example like "select,drop" will grant select and drop privilege to the owner of the table</description>
    </property>

and tired creating a table under demouser name

(create table authorization_test(key int,value string);)

and expected result was

Authrization faild :No privilages'create' found for outputs{database:default}.use show grants to get more details

but what i get is different

create table test(id int, name string);
    2013-09-13 14:17:14,9081 ERROR JniCommon fs/client/fileclient/cc/jni_common.cc:1733 Thread: 140473894967040 mkdirs failed for /user/hive/warehouse/demo.db/test, error 13
    FAILED: Error in metadata: MetaException(message:Got exception: java.io.IOException Error: Permission denied(13), file: test)
    FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.DDLTask

where i gave 775 to demo.db so its not able to write to that dir we can restrict by this but what i was try to do was use grants in hive.

any pointers would be greatfully.


 

Outcomes