Return-Path: Delivered-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Received: (qmail 17545 invoked from network); 27 Apr 2010 22:02:01 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 27 Apr 2010 22:02:01 -0000 Received: (qmail 58745 invoked by uid 500); 27 Apr 2010 22:02:01 -0000 Delivered-To: apmail-hadoop-hdfs-issues-archive@hadoop.apache.org Received: (qmail 58716 invoked by uid 500); 27 Apr 2010 22:02:01 -0000 Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-issues@hadoop.apache.org Delivered-To: mailing list hdfs-issues@hadoop.apache.org Received: (qmail 58708 invoked by uid 99); 27 Apr 2010 22:02:01 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Apr 2010 22:02:01 +0000 X-ASF-Spam-Status: No, hits=-1357.0 required=10.0 tests=ALL_TRUSTED,AWL X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Apr 2010 22:02:00 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o3RM1d0b022899 for ; Tue, 27 Apr 2010 22:01:40 GMT Message-ID: <24905253.43601272405699949.JavaMail.jira@thor> Date: Tue, 27 Apr 2010 18:01:39 -0400 (EDT) From: "Allen Wittenauer (JIRA)" To: hdfs-issues@hadoop.apache.org Subject: [jira] Commented: (HDFS-1113) Allow users with write access to a directory to change ownership of its subdirectories/files In-Reply-To: <4142786.41691272402513650.JavaMail.jira@thor> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HDFS-1113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12861571#action_12861571 ] Allen Wittenauer commented on HDFS-1113: ---------------------------------------- I do know that tar and likely other archiving technologies rely upon this behavior in POSIX. The code for tar p basically tries to set the user/group to match the archive. If it fails, it just throws away the error and continues unarchiving. Needless to say, such a change would have large ramifications for something like FUSE. [and eliminate HFDS as a backend replacement for POSIX-style fs's such as pNFS?] While I have no hard evidence that this is such a bad change, I'd prefer this to be a toggle. Preferably a per-dir-like thing similar to how quotas were done. [Of course, such an option just exacerbates the reporting and operational problems that HDFS has.] I'm concerned about user home directories where it would be an administrative nightmare. There is also the security aspects to be concerned about. If I chown a file to someone else, they'll be able to chmod it and now they have write access to a dir. What if they were never supposed to have access to this cluster to begin with? While I can appreciate why this would be useful in certain contexts, it definitely sets my spidey sense off. > Allow users with write access to a directory to change ownership of its subdirectories/files > -------------------------------------------------------------------------------------------- > > Key: HDFS-1113 > URL: https://issues.apache.org/jira/browse/HDFS-1113 > Project: Hadoop HDFS > Issue Type: New Feature > Components: name-node > Environment: All > Reporter: Milind Bhandarkar > Assignee: Sanjay Radia > > owner and group of a file/directory, and namespace/diskspace quota for a directory are mutable attributes. If I have writable access to a directory, say /team/MyTeam, and if there are subdirectories underneath, such as /team/MyTeam/TeamMember1, /team/MyTeam/TeamMember2, then I should be able to chown, chgrp, setQuota, clrQuota on TeamMemeber{1|2} subdirectories. Currently in HDFS (and in Posix), it requires me to be a superuser to perform these operations. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.