Reply
Master
Posts: 430
Registered: ‎07-01-2015

drop partition does not honor HDFS posix

Hi, 

 I have an kerberos enabled cluster with sentry, and a test user who has read+write rights on the default database.

I created a table with partitions, and tried to "protect" them by removing hdfs access rights on directory level.

 

create table ch_tab ( i int, s string ) partitioned by ( p int );

insert into ch_tab partition ( p ) select 1, "test", 1000;

insert into ch_tab partition ( p ) select 2, "test2", 1001;

 

Now I removed all write access rights from the partiton 1000.

I log in as a hdfs user:

kinit -k -t hdfs.keytab hdfs

hdfs dfs -chmod 550 /user/hive/warehouse/ch_tab/p=1000

 

Now going back to Impala (logged as a test user) I expected that this query will fail:

 

alter table ch_tab drop partition ( p =1000 );

 

But Impala just simply ignored the posix permissions and deleted the partition directory!

Any ideas why? Or other way, how to prevent accidental drop or delete of the table, but keeping it still for read available?

Thanks