I have a question regarding Spark privileges with Sentry on Hadoop cluster.
First, some background -
- I’m using CDH version 5.13.2
- Acl sync on HDFS enabled
- Impersonation disabled
- Grant on database level and for specific cases gants on URI
There are two databases - db_a and db_b
In db_a there is a view which select from table which defined in db_b
I granted privilege for a specific user with read access (grant select) on db_a.
In Beeline/Impala/Hue the behaviour is as expected -
show databases shows only db_a
when user’s query the view in db_a it works perfect even the user don’t have any privilege on db_b.
The problem with Spark SQL -
When the same user is trying to access the view in db_a, it’s failed as yser don’t have access to db_b.
Again, same query with same user works fine in Hive/Impala
Is there any configuration q workaround to resolve the problem ?