hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-5616) NameNode: implement default ACL handling.
Date Wed, 05 Feb 2014 23:20:11 GMT

    [ https://issues.apache.org/jira/browse/HDFS-5616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13892742#comment-13892742
] 

Chris Nauroth commented on HDFS-5616:
-------------------------------------

Thanks, Haohui.  These are good suggestions, and I'll incorporate them into a v2 patch here.

bq. If the edit log truncates right before OP_SET_ACL, the semantic of default ACLs is lost.

In an earlier version of this code, I changed {{OP_ADD}} and {{OP_MKDIR}} to optionally encode
the ACL entries.  That would have made it atomic like you asked.  Then, I switched to this
two-op combo, because I thought it might be helpful to use {{hdfs namenode -recover}} to get
back the file even if its {{OP_SET_ACL}} got truncated/corrupted.

However, now I'm doubting that decision.  If we recover the file without all of its security
restrictions in place, then that might not be such a helpful thing depending on the sensitivity
of the data.  I'll resurrect the former version of the code when I post v2 so that we have
a guarantee of atomicity.

> NameNode: implement default ACL handling.
> -----------------------------------------
>
>                 Key: HDFS-5616
>                 URL: https://issues.apache.org/jira/browse/HDFS-5616
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-5616.1.patch
>
>
> Implement and test handling of default ACLs within NameNode.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message