hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Lamb (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-6386) HDFS Encryption Zones
Date Fri, 30 May 2014 17:15:03 GMT

     [ https://issues.apache.org/jira/browse/HDFS-6386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Charles Lamb updated HDFS-6386:

    Attachment: HDFS-6386.1.patch

Here are some diffs that provide the basic client/namenode protocol and API for the various
Encryption Zone functions.

There are four methods on the API:

void createEncryptionZone(String path, FsPermission mask, String keyId) throws IOException;

Creates an encryption zone on an empty directory, optionally using keyId. If the directory
does not exist or is not empty, an exception is thrown.

void deleteEncryptionZone(String path) throws IOException;

Removes an encryption zone from an empty directory. If the directory does not exist or is
not empty, an exception is thrown.

void listEncryptionZones() throws IOException;

List the encryption zones (paths only) that the calling user has access to.

void showEncryptionZones() throws IOException;

List the encryption zones (paths, keyid, keyversion) that the admin has access to. Only accessible
by the admin.

All of these methods are HdfsAdmin only since they are HDFS only functions.

> HDFS Encryption Zones
> ---------------------
>                 Key: HDFS-6386
>                 URL: https://issues.apache.org/jira/browse/HDFS-6386
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode, security
>            Reporter: Alejandro Abdelnur
>            Assignee: Charles Lamb
>         Attachments: HDFS-6386.1.patch
> Define the required security xAttributes for directories and files within an encryption
zone and how they propagate to children. Implement the logic to create/delete encryption zones.

This message was sent by Atlassian JIRA

View raw message