falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sowmya Ramesh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FALCON-1162) Cluster submit succeeds when staging HDFS dir does not have 777 (ALL) permission
Date Tue, 21 Apr 2015 21:56:59 GMT

    [ https://issues.apache.org/jira/browse/FALCON-1162?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14505869#comment-14505869
] 

Sowmya Ramesh commented on FALCON-1162:
---------------------------------------

[~me.venkatr]: After FALCON-753, ownership of the staging dir was changed to user submitting
the feed. This change would enforce staging directory to have 777 permissions. FALCON-910
broke this contract and doesn't check for exact permissions.

Did you test this after the change? Did the cluster submission fail if the staging dir had
755 perm?

>From the code, in the method checkPathOwnerAndPermission exactPerms is used to determine
if exact permission has to checked or not.
Patch you provided has false for exactPerms, this should be true as staging dir should have
the exact 777 permission.

If true is passed , then !exactPerms code in checkPathOwnerAndPermission never executed and
should be removed. Tagging [~cryptoe] to make sure this change will not break what was fixed
in Falcon-910.

{noformat}
            if (exactPerms) {
                if (fileStatus.getPermission().toShort() != expectedPermission.toShort())
{
                    LOG.error(errorMessage);
                    throw new ValidationException(errorMessage);
                }
            } else {
                if (expectedPermission.getUserAction().ordinal() > fileStatus.getPermission().getUserAction()
                        .ordinal()) {
                    LOG.error(errorMessage + " at least");
                    throw new ValidationException(errorMessage + " at least");
                }
                if (expectedPermission.getGroupAction().ordinal() > fileStatus.getPermission().getGroupAction()
                        .ordinal()) {
                    LOG.error(errorMessage + " at least");
                    throw new ValidationException(errorMessage + " at least");
                }
                if (expectedPermission.getOtherAction().ordinal() > fileStatus.getPermission().getOtherAction()
                        .ordinal()) {
                    LOG.error(errorMessage + " at least");
                    throw new ValidationException(errorMessage + " at least");
                }
            }
{noformat}

When you submit a patch please use the format <BugNo.version.patch> for the patch file
name. Also status should be moved to "Patch Available" from "Open" - you will have to click
on "Submit Patch" to change the status so that others know patch is available.

> Cluster submit succeeds when staging HDFS dir does not have 777 (ALL) permission 
> ---------------------------------------------------------------------------------
>
>                 Key: FALCON-1162
>                 URL: https://issues.apache.org/jira/browse/FALCON-1162
>             Project: Falcon
>          Issue Type: Bug
>          Components: common
>    Affects Versions: 0.6
>            Reporter: Venkat Ramachandran
>            Assignee: Venkat Ramachandran
>            Priority: Blocker
>             Fix For: 0.6.1
>
>         Attachments: patch-1162.1
>
>
> Staging HDFS dir specified in the cluster definition should have WORLD WRITABLE permission.
It seems Cluster entity submit used to validate this condition in order to avoid further runtime
failures. 
> But, this check had been reverted as part of the FALCON-910 commits (only checks for
755) as below:
> ClusterEntityParser.java   
> {code}
>         checkPathOwnerAndPermission(cluster.getName(),  stagingLocation.getPath(), fs,
HadoopClientFactory.READ_EXECUTE_PERMISSION, false);
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message