drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pritesh Maker (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (DRILL-5875) user mixed up problem in apache drill
Date Tue, 31 Oct 2017 17:02:02 GMT

     [ https://issues.apache.org/jira/browse/DRILL-5875?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Pritesh Maker reassigned DRILL-5875:
------------------------------------

    Assignee: Arina Ielchiieva

> user mixed up problem in apache drill
> -------------------------------------
>
>                 Key: DRILL-5875
>                 URL: https://issues.apache.org/jira/browse/DRILL-5875
>             Project: Apache Drill
>          Issue Type: Bug
>    Affects Versions: 1.8.0, 1.9.0, 1.10.0, 1.11.0
>            Reporter: flyfantasy
>            Assignee: Arina Ielchiieva
>
> Hi guys.
> we have used drill for quite a long time.   We used apache-drill-1.8.0 at the beginning
and recently we upgraded to apache-drill-1.11.0. Drill is great and now drill already have
40+ user in our company. It accelerate olap queries quite a lot. But as the number of  drill
user is getting bigger and bigger, a problem we called user mix-up is getting more and more
serious. 
> Let me explain the problem. We are using drill with user impersonation. Different user
have different privileges. As we have many drill user, so is it quite common two or more people
are using drill at the same time. A user we called u1 posted a query to table t1 located in
hdfs which he has privilege through drill and may get an error which tells him that he has
no privilege to the table as he was u2 ( another user). " And u2 may get a similar error with
his query. The only thing u1 can do in this situation is to exit drill and reconnect to drill
through a new session.
> This problem occurs quite frequently.  It occur in apache-drill-1.8.0 and also in apache-drill-1.11.0.
User get confused and maybe frustrated while data security is under threaten. 
> PS: we are running drill on a 8 nodes cluster which will connect to a 100 nodes hadoop
cluster. Hadoop version is 2.6.3. Drill version is 1.11.0. Below is drill-override.conf
> drill.exec: {
>   cluster-id: "olap-drill",
>   zk.connect: "zk01:2181/olap_drill,zk02:2181/olap_drill,zk03:2181/olap_drill",
>        security.user.auth: {            enabled: true,
>             packages += "org.apache.drill.exec.rpc.user.security",
>             impl: "pam"
>             pam_profiles: ["login", "sudo"]
>        },
>            impersonation: {
>              enabled: true,
>              max_chained_user_hops: 3
>            }
> }
> Thanks for your attention. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message