You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@hadoop.apache.org by Alexander Alten-Lorenz <wg...@gmail.com> on 2012/11/22 09:41:07 UTC
Re: Multiuser setup on Hive
You could use SASL / kerberos implementation within HiveServer2. Depends on a kerberosized cluster, too. Hive's metastore server provides the same mechanism, but isn't fully multi connect ready.
Here's a link:
http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
- Alex
On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
> Hi,
>
> I had been trying to set up a multi user environment for hive.
> I have set up the hive metastore db in MySQL and hive works.
>
> Consider this scenario:
>
> user1 has created a database data1
> user2 has created a database data2
>
> Now user2 logs into hive and he is able to see and delete database data2
>
> How do I prevent this?
>
> Regards,
> Austin
--
Alexander Alten-Lorenz
http://mapredit.blogspot.com
German Hadoop LinkedIn Group: http://goo.gl/N8pCF
Re: Multiuser setup on Hive
Posted by Michel Segel <mi...@hotmail.com>.
User 2 has the permission to delete database2 because he created it.
Did the OP mean that user1 can delete it? If so there are permissions that would prevent that.
Sent from a remote device. Please excuse any typos...
Mike Segel
On Nov 22, 2012, at 2:41 AM, Alexander Alten-Lorenz <wg...@gmail.com> wrote:
> You could use SASL / kerberos implementation within HiveServer2. Depends on a kerberosized cluster, too. Hive's metastore server provides the same mechanism, but isn't fully multi connect ready.
> Here's a link:
> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>
> - Alex
>
> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>
>> Hi,
>>
>> I had been trying to set up a multi user environment for hive.
>> I have set up the hive metastore db in MySQL and hive works.
>>
>> Consider this scenario:
>>
>> user1 has created a database data1
>> user2 has created a database data2
>>
>> Now user2 logs into hive and he is able to see and delete database data2
>>
>> How do I prevent this?
>>
>> Regards,
>> Austin
>
> --
> Alexander Alten-Lorenz
> http://mapredit.blogspot.com
> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>
>
Re: Multiuser setup on Hive
Posted by Alexander Alten-Lorenz <wg...@gmail.com>.
That means a separate metastore per User / different port. Please have in mind, anyone should maintain this. On top, the user has to choose the right JDBC connection. I have my doubt on such a installation ;)
cheers,
Alex
On Nov 22, 2012, at 10:48 AM, Austin Chungath <au...@gmail.com> wrote:
> Thanks Alex,
> But unfortunately I don't have kerberos implementation right now to try it
> out.
> I was wondering if we can create multiple metastore dbs in mysql and then
> for each user group make separate hive-site.xml which has the username and
> jdbc connection details. Do I make any sense? is something in these lines
> possible?
>
> Regards,
> Austin
>
>
> On Thu, Nov 22, 2012 at 2:11 PM, Alexander Alten-Lorenz <wget.null@gmail.com
>> wrote:
>
>> You could use SASL / kerberos implementation within HiveServer2. Depends
>> on a kerberosized cluster, too. Hive's metastore server provides the same
>> mechanism, but isn't fully multi connect ready.
>> Here's a link:
>> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>>
>> - Alex
>>
>> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I had been trying to set up a multi user environment for hive.
>>> I have set up the hive metastore db in MySQL and hive works.
>>>
>>> Consider this scenario:
>>>
>>> user1 has created a database data1
>>> user2 has created a database data2
>>>
>>> Now user2 logs into hive and he is able to see and delete database data2
>>>
>>> How do I prevent this?
>>>
>>> Regards,
>>> Austin
>>
>> --
>> Alexander Alten-Lorenz
>> http://mapredit.blogspot.com
>> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>>
>>
--
Alexander Alten-Lorenz
http://mapredit.blogspot.com
German Hadoop LinkedIn Group: http://goo.gl/N8pCF
Re: Multiuser setup on Hive
Posted by Austin Chungath <au...@gmail.com>.
Thanks Alex,
But unfortunately I don't have kerberos implementation right now to try it
out.
I was wondering if we can create multiple metastore dbs in mysql and then
for each user group make separate hive-site.xml which has the username and
jdbc connection details. Do I make any sense? is something in these lines
possible?
Regards,
Austin
On Thu, Nov 22, 2012 at 2:11 PM, Alexander Alten-Lorenz <wget.null@gmail.com
> wrote:
> You could use SASL / kerberos implementation within HiveServer2. Depends
> on a kerberosized cluster, too. Hive's metastore server provides the same
> mechanism, but isn't fully multi connect ready.
> Here's a link:
> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>
> - Alex
>
> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>
> > Hi,
> >
> > I had been trying to set up a multi user environment for hive.
> > I have set up the hive metastore db in MySQL and hive works.
> >
> > Consider this scenario:
> >
> > user1 has created a database data1
> > user2 has created a database data2
> >
> > Now user2 logs into hive and he is able to see and delete database data2
> >
> > How do I prevent this?
> >
> > Regards,
> > Austin
>
> --
> Alexander Alten-Lorenz
> http://mapredit.blogspot.com
> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>
>
Re: Multiuser setup on Hive
Posted by Michel Segel <mi...@hotmail.com>.
User 2 has the permission to delete database2 because he created it.
Did the OP mean that user1 can delete it? If so there are permissions that would prevent that.
Sent from a remote device. Please excuse any typos...
Mike Segel
On Nov 22, 2012, at 2:41 AM, Alexander Alten-Lorenz <wg...@gmail.com> wrote:
> You could use SASL / kerberos implementation within HiveServer2. Depends on a kerberosized cluster, too. Hive's metastore server provides the same mechanism, but isn't fully multi connect ready.
> Here's a link:
> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>
> - Alex
>
> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>
>> Hi,
>>
>> I had been trying to set up a multi user environment for hive.
>> I have set up the hive metastore db in MySQL and hive works.
>>
>> Consider this scenario:
>>
>> user1 has created a database data1
>> user2 has created a database data2
>>
>> Now user2 logs into hive and he is able to see and delete database data2
>>
>> How do I prevent this?
>>
>> Regards,
>> Austin
>
> --
> Alexander Alten-Lorenz
> http://mapredit.blogspot.com
> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>
>
Re: Multiuser setup on Hive
Posted by Michel Segel <mi...@hotmail.com>.
User 2 has the permission to delete database2 because he created it.
Did the OP mean that user1 can delete it? If so there are permissions that would prevent that.
Sent from a remote device. Please excuse any typos...
Mike Segel
On Nov 22, 2012, at 2:41 AM, Alexander Alten-Lorenz <wg...@gmail.com> wrote:
> You could use SASL / kerberos implementation within HiveServer2. Depends on a kerberosized cluster, too. Hive's metastore server provides the same mechanism, but isn't fully multi connect ready.
> Here's a link:
> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>
> - Alex
>
> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>
>> Hi,
>>
>> I had been trying to set up a multi user environment for hive.
>> I have set up the hive metastore db in MySQL and hive works.
>>
>> Consider this scenario:
>>
>> user1 has created a database data1
>> user2 has created a database data2
>>
>> Now user2 logs into hive and he is able to see and delete database data2
>>
>> How do I prevent this?
>>
>> Regards,
>> Austin
>
> --
> Alexander Alten-Lorenz
> http://mapredit.blogspot.com
> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>
>
Re: Multiuser setup on Hive
Posted by Michel Segel <mi...@hotmail.com>.
User 2 has the permission to delete database2 because he created it.
Did the OP mean that user1 can delete it? If so there are permissions that would prevent that.
Sent from a remote device. Please excuse any typos...
Mike Segel
On Nov 22, 2012, at 2:41 AM, Alexander Alten-Lorenz <wg...@gmail.com> wrote:
> You could use SASL / kerberos implementation within HiveServer2. Depends on a kerberosized cluster, too. Hive's metastore server provides the same mechanism, but isn't fully multi connect ready.
> Here's a link:
> http://ben-tech.blogspot.de/2012/10/hive-server-2-in-cdh41.html
>
> - Alex
>
> On Nov 22, 2012, at 7:46 AM, Austin Chungath <au...@gmail.com> wrote:
>
>> Hi,
>>
>> I had been trying to set up a multi user environment for hive.
>> I have set up the hive metastore db in MySQL and hive works.
>>
>> Consider this scenario:
>>
>> user1 has created a database data1
>> user2 has created a database data2
>>
>> Now user2 logs into hive and he is able to see and delete database data2
>>
>> How do I prevent this?
>>
>> Regards,
>> Austin
>
> --
> Alexander Alten-Lorenz
> http://mapredit.blogspot.com
> German Hadoop LinkedIn Group: http://goo.gl/N8pCF
>
>