hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daryn Sharp (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6165) "hdfs dfs -rm -r" is slightly different from the Unix "rm -r" for deleting an empty directory
Date Sat, 29 Mar 2014 19:28:15 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13954405#comment-13954405
] 

Daryn Sharp commented on HDFS-6165:
-----------------------------------

Here's what I get on my mac (BSD based 10.9) which seems similar to the previously posted
results.  It's a full recap to spare others reading this whole discussion.

Fails because no perms at all to see dir contents.
{noformat}
$ mkdir -p test/bar; sudo chown root test/bar; sudo chmod a= test/bar
$ rm -rf test
rm: test/bar: Permission denied
rm: test: Directory not empty
{noformat}

Fails because execute but no read perms to see dir contents.
{noformat}
$ mkdir -p test/bar; sudo chown root test/bar; sudo chmod a=x test/bar
$ rm -rf test
rm: test/bar: Permission denied
rm: test: Directory not empty
{noformat}

Works because of read perms and -f flag.
{noformat}
$ mkdir -p test/bar; sudo chown root test/bar; sudo chmod a=r test/bar
$ rm -rf test
{noformat}

Read perms sans -f require a prompt??
{noformat}
$ mkdir -p test/bar; sudo chown root test/bar; sudo chmod a=r test/bar
$ rm -r test
override r--r--r--  root/wheel for test/bar?
{noformat}

Works because can't prompt with no STDIN.
{noformat}
$ mkdir -p test/bar; sudo chown root test/bar; sudo chmod a=r test/bar
$ perl -e 'close(STDIN); system("rm -r test")'
{noformat}

---

Quick summary:
# the kernel will delete a non-owned directory if and only if the user has read perms which
allow it to determine the directory is empty
# it's the userland rm that decides if it should prompt to delete a non-owned directory

I don't agree with any incompatible changes to the NN protocol.  Years ago I made FsShell
as POSIX like as possible and have always argued for POSIX behavior since.  However, I find
the prompting silly and incompatible.  It's a userland check so adding this support to the
NN doesn't make sense to me.

My opinion is the only change should be the NN allows empty dirs be deleted if the user has
read perms.  No changes to -f.  Let -f continue to mean "If the file does not exist, do not
display a diagnostic message or modify the exit status to reflect an error".


> "hdfs dfs -rm -r" is slightly different from the Unix "rm -r" for deleting an empty directory
> ---------------------------------------------------------------------------------------------
>
>                 Key: HDFS-6165
>                 URL: https://issues.apache.org/jira/browse/HDFS-6165
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: hdfs-client
>    Affects Versions: 2.3.0
>            Reporter: Yongjun Zhang
>            Assignee: Yongjun Zhang
>            Priority: Minor
>         Attachments: HDFS-6165.001.patch, HDFS-6165.002.patch
>
>
> Given a directory owned by user A with permissions 0700 containing an empty directory
owned by user B, it is not possible to delete user B's directory. This is incorrect. Write
permission on the containing directory should be all that is needed to delete the child directory.
Here's a reproduction:
> {code}
> [root@vm01 ~]# hdfs dfs -ls /user/
> Found 4 items
> drwxr-xr-x   - userabc users               0 2013-05-03 01:55 /user/userabc
> drwxr-xr-x   - hdfs    supergroup          0 2013-05-03 00:28 /user/hdfs
> drwxrwxrwx   - mapred  hadoop              0 2013-05-03 00:13 /user/history
> drwxr-xr-x   - hdfs    supergroup          0 2013-04-14 16:46 /user/hive
> [root@vm01 ~]# hdfs dfs -ls /user/userabc
> Found 8 items
> drwx------   - userabc users          0 2013-05-02 17:00 /user/userabc/.Trash
> drwxr-xr-x   - userabc users          0 2013-05-03 01:34 /user/userabc/.cm
> drwx------   - userabc users          0 2013-05-03 01:06 /user/userabc/.staging
> drwxr-xr-x   - userabc users          0 2013-04-14 18:31 /user/userabc/apps
> drwxr-xr-x   - userabc users          0 2013-04-30 18:05 /user/userabc/ds
> drwxr-xr-x   - hdfs    users          0 2013-05-03 01:54 /user/userabc/foo
> drwxr-xr-x   - userabc users          0 2013-04-30 16:18 /user/userabc/maven_source
> drwxr-xr-x   - hdfs    users          0 2013-05-03 01:40 /user/userabc/test-restore
> [root@vm01 ~]# hdfs dfs -ls /user/userabc/foo/
> [root@vm01 ~]# sudo -u userabc hdfs dfs -rm -r -skipTrash /user/userabc/foo
> rm: Permission denied: user=userabc, access=ALL, inode="/user/userabc/foo":hdfs:users:drwxr-xr-x
> {code}
> The super user can delete the directory.
> {code}
> [root@vm01 ~]# sudo -u hdfs hdfs dfs -rm -r -skipTrash /user/userabc/foo
> Deleted /user/userabc/foo
> {code}
> The same is not true for files, however. They have the correct behavior.
> {code}
> [root@vm01 ~]# sudo -u hdfs hdfs dfs -touchz /user/userabc/foo-file
> [root@vm01 ~]# hdfs dfs -ls /user/userabc/
> Found 8 items
> drwx------   - userabc users          0 2013-05-02 17:00 /user/userabc/.Trash
> drwxr-xr-x   - userabc users          0 2013-05-03 01:34 /user/userabc/.cm
> drwx------   - userabc users          0 2013-05-03 01:06 /user/userabc/.staging
> drwxr-xr-x   - userabc users          0 2013-04-14 18:31 /user/userabc/apps
> drwxr-xr-x   - userabc users          0 2013-04-30 18:05 /user/userabc/ds
> -rw-r--r--   1 hdfs    users          0 2013-05-03 02:11 /user/userabc/foo-file
> drwxr-xr-x   - userabc users          0 2013-04-30 16:18 /user/userabc/maven_source
> drwxr-xr-x   - hdfs    users          0 2013-05-03 01:40 /user/userabc/test-restore
> [root@vm01 ~]# sudo -u userabc hdfs dfs -rm -skipTrash /user/userabc/foo-file
> Deleted /user/userabc/foo-file
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message