hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Shelukhin (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HIVE-18689) restore inheritPerms functionality and extend it to ACID
Date Wed, 14 Feb 2018 00:20:02 GMT

    [ https://issues.apache.org/jira/browse/HIVE-18689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16363271#comment-16363271
] 

Sergey Shelukhin edited comment on HIVE-18689 at 2/14/18 12:20 AM:
-------------------------------------------------------------------

Discussed with [~ashutoshc] who doesn't want to restore this feature to master. Our current
plan is to rely on new HDFS feature (ACLs) for inherit permissions functionality in 3.0, since
Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough about this functionality to argue more about
this.

We are basically making a conscious decision to rely on a brand new, never executed in production
(and never even included in a released version as of now, as far as I know) feature for this
crucial (for anyone using storage based auth) functionality with no possibility of fallback
in case there's some issue with it; the kind of fall-back we had, and often used and still
use, for every significant new feature in Hive from major e.g. CBO, Tez, LLAP, Vectorization,
etc., to small optimizations.

I will just leave this patch here for the record (and in case if it's needed for forward ports)
and handle ACID separately on 2.X branch in HIVE-18710.


was (Author: sershe):
Discussed with [~ashutoshc] who doesn't want to restore this feature to master. Our current
plan is to rely on new HDFS feature (ACLs) for inherit permissions functionality in 3.0, since
Hive 3 will anyway only work with Hadoop 3.X.
I don't think it is wise but I don't care enough about this functionality to argue more about
this.

We are basically making a conscious decision to rely on a brand new, never executed in production
(and never even included in a released version as of now, as far as I know) feature for this
crucial (for anyone using storage based auth) functionality with no possibility of fallback
in case there's some issue with it; the kind of fall-back we had, and often used and still
use, for every significant new feature in Hive from major e.g. CBO, Tez, LLAP, Vectorization,
etc., to small optimizations).

I will just leave this patch here for the record (and in case if it's needed for forward ports)
and handle ACID separately on 2.X branch in HIVE-18710.

> restore inheritPerms functionality and extend it to ACID
> --------------------------------------------------------
>
>                 Key: HIVE-18689
>                 URL: https://issues.apache.org/jira/browse/HIVE-18689
>             Project: Hive
>          Issue Type: Bug
>          Components: Transactions
>            Reporter: Sergey Shelukhin
>            Assignee: Sergey Shelukhin
>            Priority: Major
>         Attachments: HIVE-18689.patch
>
>
> This functionality was removed for no clear reason (if it doesn't apply to some use case
it can just be disabled).
> It's still in use; in fact, it should be extended to ACID table subdirectories.
> This patch restores the functionality with some cleanup (to not access config everywhere,
mostly), disables it by default, and extends it to ACID tables.
> There's a coming HDFS feature that will automatically inherit permissions. When that
is shipped in a non-beta version and stabilized a bit, we can remove this functionality...
however I dunno if that is good for other potential use cases, like non-HDFS file systems
that do have a concept of a directory (Isilon?)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message