hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10213) setfacl -x should reject attempts to include permissions in the ACL spec.
Date Wed, 15 Jan 2014 05:57:26 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13871689#comment-13871689

Chris Nauroth commented on HADOOP-10213:

Thanks, Vinay.

bq. Only thing I am concerned about is while implementation removal of acl entry proper ack
entry should be found regardless of the permission.

Yes, this is important too.  This is also handled server-side in the NameNode.  The relevant
code is in {{AclTransformation#filterAclEntriesByAclSpec}}, which also uses a helper method
{{AclTransformation#ValidatedAclSpec#containsKey}}.  This method finds an entry in the ACL
spec by a key consisting of scope + type + name (but not permission).

> setfacl -x should reject attempts to include permissions in the ACL spec.
> -------------------------------------------------------------------------
>                 Key: HADOOP-10213
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10213
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: tools
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Vinay
>         Attachments: HADOOP-10213.patch
> When calling setfacl -x to remove ACL entries, it does not make sense for the entries
in the ACL spec to contain permissions.  The permissions should be unspecified, and the CLI
should return an error if the user attempts to provide permissions.

This message was sent by Atlassian JIRA

View raw message