I have some tables in test database in HIVE that were created by another user.
I am trying to move these tables to another database called events
I have tried like below
alter table test.123 rename to events.123
But I am receiving permission denied error because the table 123 has been created by another.
1) How can I move this table?
2) How can we change the owner of the table to other user's?
3) Or How can we change ownership of all tables of a database to another user?
4) What is the best scenario where we don't need to worry about permission on Hive tables?
You can try following with superuser
ALTER (DATABASE|SCHEMA) database_name SET OWNER [USER|ROLE] user_or_role; -- (Note: Hive 0.13.0 and later; SCHEMA added in Hive 0.14.0)
If your Hadoop cluster is Kerberos enabled then there is no way you can change the ownership with non-super user account. If this would have been possible then there is no use of Permissions.
Related
I created a 3 node Hadoop cluster with 1 namenode and 2 datanode.
I can perform a read/write query from Hive shell, but not beeline.
I found many suggestions and answers related to this issue.
In every suggestion it was mentioned to give the permission for the userX for each individual table.
But I don't know how to set the permission for an anonymous user once and for all.
Why I am getting the user anonymous while accessing the data from beeline or from a Java program?
I am able to read the data from the both beeline shell and using Java JDBC connection.
But I can't insert the data in the table.
This is my jdbc connection : jdbc:hive2://hadoop01:10000.
Below is the error i am getting while on insert request:
Permission denied: user=anonymous, access=WRITE, inode="/user/hive/warehouse/test_log/.hive-staging_hive_2017-10-07_06-54-36_347_6034469031019245441-1":hadoop:supergroup:drwxr-xr-x
Beeline syntax is
beeline -n username -u "url"
I assume you are missing the username. Also, no one but the hadoop user has WRITE access to that table anyway
If you don't have full control over the table permissions, you can try relocating the staging directory with the setting hive.exec.stagingdir
If no database is specified in the connection URL to connect, like
jdbc:hive2://hadoop01:10000/default
then beeline connects to the database DEFAULT , and while inserting the data into the table - first the data is loaded to a temporary table in default database and then loaded to the actual table.
So, you need to give the user access to the DEFAULT database also, or you can connect to the databases where you have access to.
jdbc:hive2://hadoop01:10000/your_db
I need to set a set of permissions for the tables under a particular database in hive, which is different from the default permissions.
The database got created with 750 permission and I changed into 755. I used the below hive parameter, but still the tables are having 750 permission,
hive.warehouse.subdir.inherit.perms=true
I need the tables with 755 permission. I am changing the group of the db, inherited to the tables inside but not the permissions.
Due to security issues the user or Informatica has grants to create neither tables nor synonyms.
So I have come up with this:
The PMERR_DATA, PMERR_MSG, etc. tables are created under another user
The user of Informatica is granted to select, inset, update and delete from these tables
Name of the owner of the tables was set in the error table log prefix field:
But when the task starts, the integration service tries to create these PMERR% tables and it fails (due to lack of permissions to create tables)
How can these restrictions be overcome?
I am creating a database in hive with multiple location for example
CREATE DATABASE sample1 location 'hdfs://nameservice1:8020/db/dev/abc','hdfs://nameservice1:8020/db/dev/def','hdfs://nameservice1:8020/db/dev/ghi'
but i am getting error while doing this. Can anyone help in this kind of creating a database with multiple locations is allowed ? Is there any alternate solution for this.
PS: My cluster is sentry enabled
Which error? If that is
User xx does not have privileges for CREATETABLE
then look at
http://community.cloudera.com/t5/Batch-SQL-Apache-Hive/quot-User-does-not-have-privileges-for-CREATETABLE-quot-Error/td-p/21044
You may have to omit LOCATION, and upload file directly to a hive warehouse location of that hive schema. I can't think of a better workaround.
I have created Global Temporary table in oracle and inserting the data through my application, and its working fine for me when i connect to database with "system" as the username. Where as i have created one more user in the database with "user1" and have given "Grant all" privileges to this user also. Now when am connecting to database with "User1" as the username and running the application, the data is not inserting into Global temporary table.
But when i try to insert data from sql developer tool its inserting.
With system user through application also working, whereas with user1 its not inserting. Am not getting whats behind going as am not that much DB expert.
Please have any idea suggest me. I have all privileges also. Thanks in advance.
Fist, the table MUST be in other schema than SYS or SYSTEM. Create it on "User1".
Second, you must be sure that you select from the same table. Prefix the table with the schema when inserting and also when reading.
Also be sure that you are not in the situation of table created with ON COMMIT DELETE ROWS and some AUTOCOMMIT ON in Sql Developer.