hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10213) setfacl -x should reject attempts to include permissions in the ACL spec.
Date Fri, 17 Jan 2014 19:40:21 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13875176#comment-13875176
] 

Chris Nauroth commented on HADOOP-10213:
----------------------------------------

The refactoring change looks good.  Thanks!

I've discovered a few other small problems while running a dev build of the HDFS-4685 branch
plus some additional uncommitted patches.  Can we address the following as part of this patch?
 I think the changes will be small.

# I noticed that setfacl wasn't actually doing anything.  This is because it was popping the
path argument from the list, and this caused the base classes to think there was no path to
process.  To fix this, please 1) remove the {{SetfaclCommand#path}} member variable, 2) in
{{SetfaclCommand#processOptions}} remove the line that deleted from the {{args}} list and
assigned to {{path}}, 3) in {{SetfaclCommand#processPath}}, you can use {{item.path}} instead
of the old {{path}} member variable.
# I noticed that {{parseAclSpec}} was failing for comma-separated lists of multiple ACL entries.
 The reason for this is that within the for loop, it's calling {{aclSpec.split}}, which splits
the whole ACL spec.  Instead, it should be calling {{aclStr.split}} to split just the single
ACL entry.
# Let's add a test to {{TestAclCommands}} for passing a comma-separated list to cover the
above change.


> setfacl -x should reject attempts to include permissions in the ACL spec.
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-10213
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10213
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: tools
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Vinay
>         Attachments: HADOOP-10213.patch, HADOOP-10213.patch, HADOOP-10213.patch
>
>
> When calling setfacl -x to remove ACL entries, it does not make sense for the entries
in the ACL spec to contain permissions.  The permissions should be unspecified, and the CLI
should return an error if the user attempts to provide permissions.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message