hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Haohui Mai <h...@hortonworks.com>
Subject Re: [VOTE] Merge HDFS-4685 HDFS ACLs to trunk
Date Thu, 13 Feb 2014 21:13:28 GMT
+1

I have implemented and reviewed several parts of the features.

The design and implementation focus on providing high assurance the
security enforcement logic. I think the code is in good shape.

Thanks,
Haohui


On Mon, Feb 10, 2014 at 8:29 PM, Vinayakumar B <vinayakumar.b@huawei.com>wrote:

> +1 (non-binding)
>
> This feature is important and was pending for long time. Thanks everyone
> for all efforts.
> I have been part of the implementation, reviewed patches and design
> document.
>
> Good work guys.
>
> Cheers,
> Vinayakumar B.
>
> -----Original Message-----
> From: Chris Nauroth [mailto:cnauroth@hortonworks.com]
> Sent: 11 February 2014 06:17
> To: hdfs-dev@hadoop.apache.org
> Subject: [VOTE] Merge HDFS-4685 HDFS ACLs to trunk
>
> Hello everyone,
>
> I would like to call a vote to merge HDFS ACLs from branch HDFS-4685 to
> trunk.
>
> HDFS ACLs provide support for finer-grained permissions on files than what
> users can express today using traditional Unix permission bits.  An ACL
> (Access Control List) consists of a set of ACL entries.  Each ACL entry
> names a specific user or group and grants or denies read, write and execute
> permissions for that specific user or group.
>
> Development of this feature has been tracked in issue HDFS-4685:
> https://issues.apache.org/jira/browse/HDFS-4685
>
> The current design document is available here:
>
> https://issues.apache.org/jira/secure/attachment/12627729/HDFS-ACLs-Design-3.pdf
>
> All development work has been committed to the HDFS-4685 feature branch:
> http://svn.apache.org/viewvc/hadoop/common/branches/HDFS-4685/
>
> We're currently working on resolving conflicts with the fsimage protobuf
> merge, and we expect to complete that work soon.
>
> The feature is backwards-compatible.  By default, the feature is disabled.
>  A cluster administrator must enable support for ACLs in configuration.
>  There is no impact to existing clusters that choose to leave ACL support
> disabled.
>
> In addition to the existing tests that cover permissions, we've developed
> more than 200 new tests covering the new ACL get and set APIs through
> DistributedFileSystem and WebHdfsFileSystem, the new CLI commands,
> enforcement of ACLs during file access, integration with the existing
> permissions model, persistence of ACLs to fsimage and edits, and more.  We
> have documented our further system testing plans in a test plan document
> attached to issue HDFS-4685.
>
> I want to thank the numerous contributors who have participated in the
> branch development up to this point.  Code contributors are Vinayakumar B,
> Sachin Jose, Renil Joseph, Haohui Mai, Chris Nauroth and Jing Zhao.  Yesha
> Vora contributed the test plan.  The design document incorporates feedback
> from many community members: Dilli Arumugam, Brandon Li, Haohui Mai, Kevin
> Minder, Chris Nauroth, Sanjay Radia, Suresh Srinivas, Tsz Wo (Nicholas),
> SZE and Jing Zhao.  Code reviewers on individual patches include Arpit
> Agarwal, Colin Patrick McCabe, Haohui Mai, Chris Nauroth and Jing Zhao.
>
> This vote runs for a week and closes on 2/17/2014 at 11:59 pm PT.
>
> Chris Nauroth
> Hortonworks
> http://hortonworks.com/
>
> --
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.
>

-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message