This is likely a bug. On our HDP 2.5 clusters, we have: hive.server2.enable.doAs=false The HDFS folder /user/test1/csvfolder has read,write,execute permissions granted to the user hive by Ranger While loading data into an internal Hive table using "load data inpath '/user/test1/csvfolder into table tablename', we get an error. INFO : Loading data to table tablename from hdfs://sandbox.hortonworks.com:8020/user/test1/csvfolder ERROR : Failed with exception org.apache.hadoop.security.AccessControlException: Permission denied. user=hive is not the owner of inode=csvfile.csv at org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkOwner(FSPermissionChecker.java:250) at org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.checkPermission(FSPermissionChecker.java:227) at org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer$RangerAccessControlEnforcer.checkPermission(RangerHd fsAuthorizer.java:307) This error occurs both using Beeline as well as Hue's hive client. Here's why I think the error occurs. When doing a 'load data in path', it appears that hive copies the data files from hdfs into /apps/hive/warehouse/database/table/ with the user and owner of the files intact. Once it's copied, Hive then reads the copied files, but does so in a way that bypasses Ranger. So, if the original user and owner of the files copied isn't owned by hive, then the error occurs. -rw-r--r-- 3 test1 users 21226781 2017-02-07 16:27 /apps/hive/warehouse/sample_database.db/tablename/csvfile.csv ... View more

Is there a way to use the HDFS API to get a list of blocks and the data nodes that store a particular HDFS file? If that's not possible, at a minimum, is there a way to determine which data nodes store a particular HDFS file? ... View more