hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig Macdonald (JIRA)" <j...@apache.org>
Subject [jira] Issue Comment Edited: (HADOOP-3536) Support permissions in fuse-dfs
Date Mon, 23 Jun 2008 18:28:45 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-3536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12607327#action_12607327
] 

craigm edited comment on HADOOP-3536 at 6/23/08 11:27 AM:
-------------------------------------------------------------------

Ok, this would require some minor changes in libhdfs API.

Currently, the connection API is:
{noformat}
hdfsFS hdfsConnect(const char* host, tPort port);
{noformat}

I suggest adding one or two additional API calls, to allow connection as a given user:
{noformat}
/** 
  * hdfsConnect - Connect to a hdfs file system as the specified user, and all
  * of his/her groups
  */
hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid);

/** 
  * hdfsConnect - Connect to a hdfs file system as the specified user, and only the specified
group
  */
hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid, gid_t gid);

{noformat}

This would require libhdfs to achieve two tasks:
 * For  a given uid, determine the username and all his/her groups (names), and use these
to access a FileSystem object
 * For a given uid, determine the username and the group names, and use these to access a
FileSystem object

Code to achieve this attached.



      was (Author: craigm):
    Ok, this would require some minor changes in libhdfs API.

Currently, the connection API is:
[noformat]
hdfsFS hdfsConnect(const char* host, tPort port);
[noformat]

I suggest adding one or two additional API calls, to allow connection as a given user:
[noformat]
/** 
  * hdfsConnect - Connect to a hdfs file system as the specified user, and all
  * of his/her groups
  */
hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid);

/** 
  * hdfsConnect - Connect to a hdfs file system as the specified user, and only the specified
group
  */
hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid, gid_t gid);

[noformat]

This would require libhdfs to achieve two tasks:
 * For  a given uid, determine the username and all his/her groups (names), and use these
to access a FileSystem object
 * For a given uid, determine the username and the group names

Code to achieve this attached.


  
> Support permissions in fuse-dfs
> -------------------------------
>
>                 Key: HADOOP-3536
>                 URL: https://issues.apache.org/jira/browse/HADOOP-3536
>             Project: Hadoop Core
>          Issue Type: New Feature
>          Components: contrib/fuse-dfs
>            Reporter: Craig Macdonald
>         Attachments: getlogininfo.c
>
>
> Currently permissions are unsupported by fuse-dfs.
> This manifests itself as two issues:
>  * Users accessing a fuse-dfs mount do so as the user running fuse_dfs executable. In
this case, it would be better to run fuse-dfr as some privileged user, and use Hadoop API
calls determine whether the current user was privileged enough to perform the action.
>  * Users cannot view/change permissions on the mounted volume. See  HADOOP-3264

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message