hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-5673) Implement logic for modification of ACLs.
Date Mon, 23 Dec 2013 22:11:50 GMT

    [ https://issues.apache.org/jira/browse/HDFS-5673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13855967#comment-13855967

Chris Nauroth commented on HDFS-5673:

Actually, the required functionality has a lot of tricky edge cases.  Most of what's here
is required functionality rather than an attempt to optimize the ACL.  Duplicate entries must
cause an error.  A named mask or named other entry must cause an error.  A mask must be calculated
automatically only if required, and only if there was no mask provided manually in the ACL
spec, and this decision is distinct per scope.  Deletion of mask where it is required must
cause an error.  If there is a default ACL, then the entries for owner, group and other must
be present.  However, they may be copied from the access ACL if unspecified, but this should
only be done if at least one default ACL entry has been provided.

It sounds like the gist is that you want to see if multiple iterations can make it more readable.
 We could potentially try something like: 1) merge, 2) insert access mask if needed, 3) copy
default entries if needed, 4) insert default mask if needed, 5) sort, 6) validate, where each
of those 6 steps is a separate iteration.  I'll try that.

The nice thing is that we have a big test suite that I've already validated against Linux
setfacl.  There is relatively little risk in experimenting with different approaches in the

> Implement logic for modification of ACLs.
> -----------------------------------------
>                 Key: HDFS-5673
>                 URL: https://issues.apache.org/jira/browse/HDFS-5673
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-5673.1.patch, HDFS-5673.2.patch, HDFS-5673.3.patch
> This patch will include the core logic for modification of ACLs.  This includes support
for all user-facing APIs that modify ACLs.  This will cover access ACLs, default ACLs, automatic
mask calculations, automatic inference of unprovided default ACL entries, and validation to
prevent creation of an invalid ACL.

This message was sent by Atlassian JIRA

View raw message