Return-Path: X-Original-To: apmail-hadoop-hdfs-dev-archive@minotaur.apache.org Delivered-To: apmail-hadoop-hdfs-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 91488179B8 for ; Tue, 11 Nov 2014 18:28:35 +0000 (UTC) Received: (qmail 74863 invoked by uid 500); 11 Nov 2014 18:28:34 -0000 Delivered-To: apmail-hadoop-hdfs-dev-archive@hadoop.apache.org Received: (qmail 74748 invoked by uid 500); 11 Nov 2014 18:28:34 -0000 Mailing-List: contact hdfs-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-dev@hadoop.apache.org Delivered-To: mailing list hdfs-dev@hadoop.apache.org Received: (qmail 74429 invoked by uid 99); 11 Nov 2014 18:28:34 -0000 Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Nov 2014 18:28:34 +0000 Received: from mail-ie0-f170.google.com (mail-ie0-f170.google.com [209.85.223.170]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id C13601A01AD for ; Tue, 11 Nov 2014 18:27:38 +0000 (UTC) Received: by mail-ie0-f170.google.com with SMTP id tp5so12064028ieb.15 for ; Tue, 11 Nov 2014 10:28:30 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.50.66.179 with SMTP id g19mr34378713igt.8.1415730510327; Tue, 11 Nov 2014 10:28:30 -0800 (PST) Received: by 10.107.45.77 with HTTP; Tue, 11 Nov 2014 10:28:30 -0800 (PST) Date: Tue, 11 Nov 2014 23:58:30 +0530 Message-ID: Subject: Clarification related to ACL with setPermission From: Vinayakumar B To: hdfs-dev@hadoop.apache.org Content-Type: multipart/alternative; boundary=047d7bdc15b22a993405079972ec --047d7bdc15b22a993405079972ec Content-Type: text/plain; charset=UTF-8 Hi, Here is the scenario. 1. owner : *user1, *ownerGroup: *group1* *2. /dir *have permissions set 700 (rwx------) using setPermission(). 3. Now another Named group ACL has been set to allow access to another group group:*group2:r-x* 4. Now, when */dir is *accessed from a user belongs to *group2, *Its success. 5. But, the steps #2 and #3 are inter-changed, i.e. setPermission (700) later, then dir is not given access for a user belongs to *group2.* This is same as linux behaviour. But ideally, access should be given, regardless of the order of setting acl and setting permission. Any thoughts on this? Regards, Vinay --047d7bdc15b22a993405079972ec--