Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-15638

Make Hive tables directory permission check flat



    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: hdfs
    • Labels:


      Problem: Currently, when a user tries to accesses a file he/she needs the permissions of it's parent and ancestors and the permission of that file. This is correct generally, but for Hive tables directories/files, all the files under a partition or even a table usually have the same permissions for the same set of ACL groups. Although the permissions and ACL groups are the same, the writer still need to call setfacl() for every file. This results in a huge amount of RPC calls to NN. HDFS has default ACL to solve that but that only applies to create and copy, but not apply for rename. However, in Hive ETL, rename is very common. 

      Proposal: Add a 1-bit flag to directory inodes to indicate whether or not it is a Hive table directory. If that flag is set, then all the sub-directory and files under it will just use it's permission and ACL groups settings. By doing this way, Hive ETL doesn't need to set permissions at the file level. If that flag is not set(by default), work as before. To set/unset that flag, it would require admin privilege. 










            • Assignee:
              shangxinli Xinli Shang
            • Votes:
              0 Vote for this issue
              7 Start watching this issue


              • Created: