Return-Path: Delivered-To: apmail-hadoop-core-dev-archive@www.apache.org Received: (qmail 50675 invoked from network); 23 Jun 2008 18:19:08 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Jun 2008 18:19:08 -0000 Received: (qmail 13422 invoked by uid 500); 23 Jun 2008 18:19:07 -0000 Delivered-To: apmail-hadoop-core-dev-archive@hadoop.apache.org Received: (qmail 13337 invoked by uid 500); 23 Jun 2008 18:19:07 -0000 Mailing-List: contact core-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: core-dev@hadoop.apache.org Delivered-To: mailing list core-dev@hadoop.apache.org Received: (qmail 13316 invoked by uid 99); 23 Jun 2008 18:19:07 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Jun 2008 11:19:07 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Jun 2008 18:18:26 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 208CD234C14A for ; Mon, 23 Jun 2008 11:18:45 -0700 (PDT) Message-ID: <4820137.1214245125132.JavaMail.jira@brutus> Date: Mon, 23 Jun 2008 11:18:45 -0700 (PDT) From: "Craig Macdonald (JIRA)" To: core-dev@hadoop.apache.org Subject: [jira] Commented: (HADOOP-3536) Support permissions in fuse-dfs In-Reply-To: <805796842.1213206886753.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/HADOOP-3536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12607327#action_12607327 ] Craig Macdonald commented on HADOOP-3536: ----------------------------------------- Ok, this would require some minor changes in libhdfs API. Currently, the connection API is: [noformat] hdfsFS hdfsConnect(const char* host, tPort port); [noformat] I suggest adding one or two additional API calls, to allow connection as a given user: [noformat] /** * hdfsConnect - Connect to a hdfs file system as the specified user, and all * of his/her groups */ hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid); /** * hdfsConnect - Connect to a hdfs file system as the specified user, and only the specified group */ hdfsFS hdfsConnect(const char* host, tPort port, uid_t uid, gid_t gid); [noformat] This would require libhdfs to achieve two tasks: * For a given uid, determine the username and all his/her groups (names), and use these to access a FileSystem object * For a given uid, determine the username and the group names Code to achieve this attached. > Support permissions in fuse-dfs > ------------------------------- > > Key: HADOOP-3536 > URL: https://issues.apache.org/jira/browse/HADOOP-3536 > Project: Hadoop Core > Issue Type: New Feature > Components: contrib/fuse-dfs > Reporter: Craig Macdonald > > Currently permissions are unsupported by fuse-dfs. > This manifests itself as two issues: > * Users accessing a fuse-dfs mount do so as the user running fuse_dfs executable. In this case, it would be better to run fuse-dfr as some privileged user, and use Hadoop API calls determine whether the current user was privileged enough to perform the action. > * Users cannot view/change permissions on the mounted volume. See HADOOP-3264 -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.