hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Patrick McCabe (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6516) Persist and Restore the List of Encryption Zones
Date Tue, 24 Jun 2014 22:06:24 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14042766#comment-14042766

Colin Patrick McCabe commented on HDFS-6516:

Is the {{system.hdfs.crypto.key-id}} xattr used to store information about an encryption zone
on a directory?  It seems like "encryption zone" should be in the name somewhere if so.

Also, why do we even allow the CRYPTO_XATTR_KEY_ID to be removed from an inode?  I thought
the only way to remove an encryption zone is to empty out the whole subtree, and then to delete
the inode.  If that's the case, we should not even allow CRYPTO_XATTR_KEY_ID to be deleted,
but simply check for the whole directory inode to be deleted.  So the hook should be inside
"delete" (what is normally called rmdir).

Simiarly, this patch doesn't seem to deal with encryption xattrs that come into existence
through a create op with an xattr attached.  If I understand correctly, that's going to be
the main way we try to do things in the future to avoid races.

> Persist and Restore the List of Encryption Zones
> ------------------------------------------------
>                 Key: HDFS-6516
>                 URL: https://issues.apache.org/jira/browse/HDFS-6516
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Charles Lamb
>            Assignee: Charles Lamb
>         Attachments: HDFS-6516.001.patch
> The list Encryption Zones command (CLI) and backend implementation (FSNamesystem) needs
to be implemented. As part of this, the tests in TestEncryptionZonesAPI should be updated
to use that to validate the results of the various CreateEZ and DeleteEZ tests.

This message was sent by Atlassian JIRA

View raw message