hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eugene Koifman (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-5133) webhcat jobs that need to access metastore fails in secure mode
Date Fri, 23 Aug 2013 19:09:52 GMT

    [ https://issues.apache.org/jira/browse/HIVE-5133?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13748882#comment-13748882
] 

Eugene Koifman commented on HIVE-5133:
--------------------------------------

1. Server#pig() & Server#mapReduceJar() - the JavaDoc lists all the parameters but no
explanation of what each means.  At the very least new params should be documented.  Saying
that it matches REST API isn’t really useful since http://hive.apache.org/docs/hcat_r0.5.0/pig.html
doesn’t describe all of them, especially the parameter just added.
2. PigDelegator#hasPigArgUseHcat() - would be useful to add a comment about what -useHCatalog
does (or a URL)
3. I think MSTokenCleanOutputFormat is missing from the patch
4. In TempletonControllerJob - wouldn’t be cleaner to pass a variable in TCJ c’tor() that
says delegation token is needed rather than passing via args and having to remove it?
5. Why does TempletonControllerJob#run() use UserGroupInformation.getCurrentUser(), but TempletonControllerJob#buildHCatDeletgationToken()
uses UgiFactory.  Is there specific reason for this?
6. I think it would be really useful to add 10-20 lines of JavaDoc that explains why this
whole thing is implemented/how it’s designed.  It would be a big help for maintainers (and
doc writes)

                
> webhcat jobs that need to access metastore fails in secure mode
> ---------------------------------------------------------------
>
>                 Key: HIVE-5133
>                 URL: https://issues.apache.org/jira/browse/HIVE-5133
>             Project: Hive
>          Issue Type: Bug
>          Components: WebHCat
>    Affects Versions: 0.11.0
>            Reporter: Thejas M Nair
>            Assignee: Thejas M Nair
>         Attachments: HIVE-5133.1.patch
>
>
> Webhcat job submission requests result in the pig/hive/mr job being run from a map task
that it launches. In secure mode, for the pig/hive/mr job that is run to be authorized to
perform actions on metastore, it has to have the delegation tokens from the hive metastore.
> In case of pig/MR job this is needed if hcatalog is being used in the script/job.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message