我正在尝试加载数据并覆盖表。
LOAD ~~ OVERWRITE ~~之后,表的文件许可权和ACL会更改(可能会重置为默认值?)。
我猜选项hive.warehouse.subdir.inherit.perms=true会导致这种情况。如果设置hive.warehouse.subdir.inherit.perms=false,则覆盖的表格和文件具有原始数据文件所具有的权限。
如果没有,LOAD ~~ OVERWRITE ~~之后,我应该更改文件许可权并手动设置表的ACL吗?
答案 0 :(得分:0)
您可以查看此文档以获取有关Hive中权限继承的更多信息
https://cwiki.apache.org/confluence/display/Hive/Permission+Inheritance+in+Hive
When "hive.warehouse.subdir.inherit.perms" flag is enabled in Hive, Hive will try to do all the following inheritances.
Database directory inherits from warehouse directory.
Table directory inherits from database directory, or from warehouse directory if it is part of the default database.
External table directory inherits from parent directory.
Partition directory inherits from table directory. (As of Hive 1.1.0.)
Data files inherit from table or partition directory.
Failure by Hive to inherit will not cause operation to fail. Rule of thumb of when security-prop inheritance will happen is the following:
To run chmod, a user must be the owner of the file, or else a super-user.
To run chgrp, a user must be the owner of files, or else a super-user.
Hence, user that hive runs as (either 'hive' or the logged-in user in case of impersonation), must be super-user or owner of the file whose security properties are going to be changed
因此,您无法保留表的权限。您启用了Hive授权吗?
您可以尝试SQL Standards Based Authorization in Hive Server2
https://cwiki.apache.org/confluence/display/Hive/LanguageManual+Authorization