hadoop-hdfs-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wei-Chiu Chuang (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-13521) NFS Gateway should support impersonation
Date Wed, 02 May 2018 20:54:00 GMT
Wei-Chiu Chuang created HDFS-13521:
--------------------------------------

             Summary: NFS Gateway should support impersonation
                 Key: HDFS-13521
                 URL: https://issues.apache.org/jira/browse/HDFS-13521
             Project: Hadoop HDFS
          Issue Type: Bug
            Reporter: Wei-Chiu Chuang


Similar to HDFS-10481, NFS gateway and httpfs are independent processes that accept client
connections.
NFS Gateway currently solves file permission/ownership problem by running as HDFS super user,
and then call setOwner() to change file owner.

This is not desirable.
# it adds additional RPC load to NameNode. 
#  this does not support at-rest encryption, because by design, HDFS super user cannot access
KMS.

This is yet another problem around KMS ACL. [~xiaochen] [~rushabh.shah] thoughts?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org


Mime
View raw message