hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HDFS-8419) chmod impact user's effective ACL
Date Mon, 18 May 2015 17:11:01 GMT

     [ https://issues.apache.org/jira/browse/HDFS-8419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Chris Nauroth resolved HDFS-8419.
    Resolution: Not A Problem

Hello, [~sinago].  This behavior is by design.  The documentation mentions that running {{chmod}}
on a file with an ACL actually changes the permissions on the mask entry, which in turn alters
the effective permissions for all extended ACL entries.


This behavior matches with the POSIX ACL model.  The spec that we used as a reference during
development goes into greater detail describing the motivation for the mask entry and its
interaction with applications that are not ACL-aware, such as {{chmod}}.


If you want, you can control the mask entry directly by using {{setfacl -m}} and including
a mask entry with the explicit permissions that you want.

> chmod impact user's effective ACL
> ---------------------------------
>                 Key: HDFS-8419
>                 URL: https://issues.apache.org/jira/browse/HDFS-8419
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: HDFS
>    Affects Versions: 2.6.0
>            Reporter: zhouyingchao
>            Assignee: zhouyingchao
> I set a directory's ACL to assign rwx permission to user h_user1. Later, I used chmod
to change the group permission to r-x. I understand chmod of an acl enabled file would only
change the permission mask. The abnormal thing is that the operation will change the h_user1's
effective ACL from rwx to r-x.
> Following are ACLs before any operaton:
> -----------------------------------------
> \# file: /grptest
> \# owner: hdfs_tst_admin
> \# group: supergroup
> user::rwx
> user:h_user1:rwx
> group::r-x
> mask::rwx
> other::---
> -----------------------------------------
> Following are ACLs after "chmod 750 /grptest"
> -----------------------------------------
> \# file: /grptest
> \# owner: hdfs_tst_admin
> \# group: supergroup
> user::rwx
> user:h_user1:rwx	#effective:r-x
> group::r-x
> mask::r-x
> other::---
> -----------------------------------------
> I'm wondering if this behavior is by design.  If not, I'd like to fix the issue. Thank

This message was sent by Atlassian JIRA

View raw message