hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Allen Wittenauer (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-1113) Allow users with write access to a directory to change ownership of its subdirectories/files
Date Tue, 27 Apr 2010 22:01:39 GMT

    [ https://issues.apache.org/jira/browse/HDFS-1113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12861571#action_12861571
] 

Allen Wittenauer commented on HDFS-1113:
----------------------------------------

I do know that tar and likely other archiving technologies rely upon this behavior in POSIX.
 The code for tar p basically tries to set the user/group to match the archive.  If it fails,
it just throws away the error and continues unarchiving.

Needless to say, such a change would have large ramifications for something like FUSE.  [and
eliminate HFDS as a backend replacement for POSIX-style fs's such as pNFS?]

While I have no hard evidence that this is such a bad change, I'd prefer this to be a toggle.
 Preferably a per-dir-like thing similar to how quotas were done.  [Of course, such an option
just exacerbates the reporting and operational problems that HDFS has.]  I'm concerned about
user home directories where it would be an administrative nightmare.

There is also the security aspects to be concerned about.  If I chown a file to someone else,
they'll be able to chmod it and now they have write access to a dir.  What if they were never
supposed to have access to this cluster to begin with?

While I can appreciate why this would be useful in certain contexts, it definitely sets my
spidey sense off.

> Allow users with write access to a directory to change ownership of its subdirectories/files
> --------------------------------------------------------------------------------------------
>
>                 Key: HDFS-1113
>                 URL: https://issues.apache.org/jira/browse/HDFS-1113
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: name-node
>         Environment: All
>            Reporter: Milind Bhandarkar
>            Assignee: Sanjay Radia
>
> owner and group of a file/directory, and namespace/diskspace quota for a directory are
mutable attributes. If I have writable access to a directory, say /team/MyTeam, and if there
are subdirectories underneath, such as /team/MyTeam/TeamMember1, /team/MyTeam/TeamMember2,
then I should be able to chown, chgrp, setQuota, clrQuota on TeamMemeber{1|2} subdirectories.
Currently in HDFS (and in Posix), it requires me to be a superuser to perform these operations.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message