Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-1279

Impala does not employ ACLs when checking path permissions for LOAD and INSERT

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • Impala 1.4.1
    • Impala 2.0
    • None
    • None

    Description

      Impala checks permissions for LOAD and INSERT statements before executing them to allow for early-exit if the query would not succeed. However, it does not take extended ACLs in CDH5 into account.

      When a directory has restrictive Posix permissions (e.g. 000), but has an ACL allowing writes, Impala should allow INSERTs and LOADs to happen to that directory. Instead, the early check will disallow them.

      If the checks were disabled, the queries would execute (or not!) correctly, because we delegate to libhdfs or the DistributedFileSystem API to actually perform the operations we need.

      Attachments

        Activity

          People

            henryr Henry Robinson
            henryr Henry Robinson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: