haizhou-zhao commented on code in PR #6324:
URL: https://github.com/apache/iceberg/pull/6324#discussion_r1053645840


##########
hive-metastore/src/main/java/org/apache/iceberg/hive/HiveCatalog.java:
##########
@@ -567,8 +570,13 @@ Database convertToDatabase(Namespace namespace, 
Map<String, String> meta) {
         });
 
     if (database.getOwnerName() == null) {
-      database.setOwnerName(System.getProperty("user.name"));
-      database.setOwnerType(PrincipalType.USER);
+      try {
+        
database.setOwnerName(UserGroupInformation.getCurrentUser().getUserName());
+        database.setOwnerType(PrincipalType.USER);
+      } catch (IOException e) {
+        throw new UncheckedIOException(
+            String.format("Fail to obtain default (UGI) user for database %s", 
database), e);
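
Review bot: In the String.format call inside the catch block, the %s argument is the Database object itself, so the message will print the whole object's toString() rather than an identifier; pass database.getName() (or the namespace argument) instead, and "Fail to obtain" should read "Failed to obtain". Only UserGroupInformation.getCurrentUser() can raise the IOException being caught, so database.setOwnerType(PrincipalType.USER) can move after the try block to keep the guarded region minimal. Since the old System.getProperty("user.name") path never failed, the method's documentation should also state that convertToDatabase can now throw UncheckedIOException when the UGI user cannot be resolved.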

Review Comment:
   Adopted the comment's error message in the latest commit.
   
   As for error throwing, I would argue that because the error is only thrown 
should the user decide to use a Kerberos principal to authenticate with their 
Hive Metastore cluster, the nature of the error is the user's fault (invalid 
keytab, etc.) and not related to Iceberg. In that case, it is most 
straightforward to throw this error back at the user instead of having Iceberg 
code swallowing the exception and trying to run default logic.
   
   Also, the purpose of the change is that the original implementation of using 
the OS username as the default table owner is not well integrated with Hive 
Metastore because Hive Metastore relies on Hadoop UGI for identity and authn.


