[HIVE-23296] Setting Tez caller ID with the actual Hive user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: Tez
Labels:
None

Description

On the kerberized Hadoop environment, a submitter of an YARN job is the name part of the Hive server principal. A caller ID of the job is made of the OS user of the Hive server process.

The view and modify ACLs of the Hive server for all Tez tasks are set by org.apache.hadoop.hive.ql.exec.tez.TezTask#setAccessControlsForCurrentUser() so that the admin who has the Hive server principal can see all tasks from tez-ui. But the admin hardly knows who executed each query.

I suggest to change the caller ID to include the actual Hive user. If the user is not known, the OS user of the Hive server process is included as is.

The attached picture shows that 'Caller ID' includes 'user1' which is the Kerberos user name of the actual Hive user.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Screen Shot 2020-04-24 at 17.20.34.png
24/Apr/20 09:44
67 kB
Eugene Chung
HIVE-23296.01.patch
24/Apr/20 10:25
4 kB
Eugene Chung

Activity

People

Assignee:: Eugene Chung

Reporter:: Eugene Chung

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 24/Apr/20 10:21

Updated:: 05/May/20 06:37

Resolved:: 05/May/20 06:37