hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Chu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-6767) Cannot remove directory within encryption zone to Trash
Date Tue, 29 Jul 2014 13:55:40 GMT
Stephen Chu created HDFS-6767:
---------------------------------

             Summary: Cannot remove directory within encryption zone to Trash
                 Key: HDFS-6767
                 URL: https://issues.apache.org/jira/browse/HDFS-6767
             Project: Hadoop HDFS
          Issue Type: Sub-task
          Components: security
    Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
            Reporter: Stephen Chu


Currently, users that want to remove an encrypted directory using the FsShell remove commands
need to skip the trash.

If users try to remove an encrypted directory while Trash is enabled, they will see the following
error:

{code}
[hdfs@schu-enc2 ~]$ hdfs dfs -rm -r /user/hdfs/enc
2014-07-29 13:47:28,799 INFO  [main] hdfs.DFSClient (DFSClient.java:<init>(604)) - Found
KeyProvider: KeyProviderCryptoExtension: jceks://file@/home/hdfs/hadoop-data/test.jks
2014-07-29 13:47:29,563 INFO  [main] fs.TrashPolicyDefault (TrashPolicyDefault.java:initialize(92))
- Namenode trash configuration: Deletion interval = 1440 minutes, Emptier interval = 0 minutes.
rm: Failed to move to trash: hdfs://schu-enc2.vpc.com:8020/user/hdfs/enc. Consider using -skipTrash
option
{code}

This is because the encrypted dir cannot be moved from an encryption zone, as the NN log explains:

{code}
2014-07-29 13:47:29,596 INFO  [IPC Server handler 8 on 8020] ipc.Server (Server.java:run(2120))
- IPC Server handler 8 on 8020, call org.apache.hadoop.hdfs.protocol.ClientProtocol.rename
from 172.25.3.153:48295 Call#9 Retry#0
java.io.IOException: /user/hdfs/enc can't be moved from an encryption zone.
	at org.apache.hadoop.hdfs.server.namenode.EncryptionZoneManager.checkMoveValidity(EncryptionZoneManager.java:175)
	at org.apache.hadoop.hdfs.server.namenode.FSDirectory.unprotectedRenameTo(FSDirectory.java:526)
	at org.apache.hadoop.hdfs.server.namenode.FSDirectory.renameTo(FSDirectory.java:440)
	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameToInternal(FSNamesystem.java:3593)
	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameToInt(FSNamesystem.java:3555)
	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameTo(FSNamesystem.java:3522)
	at org.apache.hadoop.hdfs.server.namenode.NameNodeRpcServer.rename(NameNodeRpcServer.java:727)
	at org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolServerSideTranslatorPB.rename(ClientNamenodeProtocolServerSideTranslatorPB.java:542)
	at org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos$ClientNamenodeProtocol$2.callBlockingMethod(ClientNamenodeProtocolProtos.java)
	at org.apache.hadoop.ipc.ProtobufRpcEngine$Server$ProtoBufRpcInvoker.call(ProtobufRpcEngine.java:607)
	at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:932)
	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2099)
	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2095)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:415)
	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1626)
	at org.apache.hadoop.ipc.Server$Handler.run(Server.java:2093)
{code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message