hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig Macdonald (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HADOOP-3536) Support permissions in fuse-dfs
Date Sun, 13 Jul 2008 15:55:31 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-3536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12613170#action_12613170
] 

Craig Macdonald commented on HADOOP-3536:
-----------------------------------------

Pete,

There's a few issues here: 

What does fuse support:
 * FUSE allows access to the user performing each operation. 
 *FUSE allows attributes and permissions to be retrieved and set.

What does fuse-dfs not support, but should:
 * fuse-dfs should access the DFS as the requesting user "asuser" (thereby upholding the hadoop
security model)
 * fuse-dfs should allow permissions to be set & retrieved from the DFS

fuse-dfs is bound by the API provided by libhdfs. In this case, the missing features are:
 * libhdfs should allow connection to the DFS as a given user
 * libhdfs should allow permissions to be set and retrieved. HADOOP-3264

I will split this JIRA up into several issues:
 * fuse-dfs user impersonation
 * fuse-dfs permissions set & get 
And add the missing libhdfs dependent JIRA
 * Allow connecting username to be specified in libhdfs

This JIRA will remain as an overview issue.

> Support permissions in fuse-dfs
> -------------------------------
>
>                 Key: HADOOP-3536
>                 URL: https://issues.apache.org/jira/browse/HADOOP-3536
>             Project: Hadoop Core
>          Issue Type: New Feature
>          Components: contrib/fuse-dfs
>            Reporter: Craig Macdonald
>         Attachments: getlogininfo.c
>
>
> Currently permissions are unsupported by fuse-dfs.
> This manifests itself as two issues:
>  * Users accessing a fuse-dfs mount do so as the user running fuse_dfs executable. In
this case, it would be better to run fuse-dfr as some privileged user, and use Hadoop API
calls determine whether the current user was privileged enough to perform the action.
>  * Users cannot view/change permissions on the mounted volume. See  HADOOP-3264

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message