...
- Directories created by new database/table/partition/bucket
- Files added to tables via load/insert
- Table directories exported/imported (open question of whether exported table inheriting perm from new parent needs another flag)
What may be is inherited:
- Basic file permission
- Groups (already done by HDFS for new directories)
- Extended ACL's (already done by HDFS for new directories)
...
- When "hive.warehouse.subdir.inherit.perms" flag is enabled in Hive, Hive will try to do all above inheritances. In the future, we can add more flags for more finer-grained controlfollowing inheritances.
- Database directory inherits from warehouse directory.
- Table directory inherits from database directory, or from warehouse directory if it is part of the default database.
- External table directory inherits from parent directory.
- Partition directory inherits from table directory. (As of Hive 0.15)
- Data files inherits from table or partition directory.
- Failure by Hive to inherit will not cause operation to fail. Rule of thumb of when security-prop inheritance will happen is the following:
- To run chmod, a user must be the owner of the file, or else a super-user.
- To run chgrp, a user must be the owner of files, or else a super-user.
- Hence, user that hive runs as (either 'hive' or the logged-in user in case of impersonation), must be super-user or owner of the file whose security properties are going to be changed
JIRA
Version Information
Most of this functionality was added as of Hive 0.14.
See umbrella JIRA See HIVE-6892 for for details.
| Jira | ||||
|---|---|---|---|---|
|