hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Uma Maheswara Rao G (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (HDFS-6556) Refine XAttr permissions
Date Fri, 27 Jun 2014 15:39:26 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14045788#comment-14045788
] 

Uma Maheswara Rao G edited comment on HDFS-6556 at 6/27/14 3:38 PM:
--------------------------------------------------------------------

Thanks a lot, [~cnauroth] for the review!
Attached a patch which should address your suggestion.


was (Author: umamaheswararao):
Thanks a lot, Chris for the review!
Attached a patch which should address your suggestion.

> Refine XAttr permissions
> ------------------------
>
>                 Key: HDFS-6556
>                 URL: https://issues.apache.org/jira/browse/HDFS-6556
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: namenode
>    Affects Versions: 2.5.0
>            Reporter: Yi Liu
>            Assignee: Uma Maheswara Rao G
>         Attachments: RefinedPermissions-HDFS-6556-1.patch, RefinedPermissions-HDFS-6556.patch,
refinedPermissions-HDFS-6556-2.patch, refinedPermissions-HDFS-6556-3.patch
>
>
> After discuss with Uma, we should refine setting permissions of {{user}} and {{trusted}}
namespace xattrs.
> *1.* For {{user}} namespace xattrs, In HDFS-6374, says "setXAttr should require the user
to be the owner of the file or directory", we have a bit misunderstanding. It actually is:
> {quote}
> The access permissions for user attributes are defined by the file permission bits. only
regular files and directories can have extended attributes. For sticky directories, only the
owner and privileged user can write attributes.
> {quote}
> We can refer to linux source code in http://lxr.free-electrons.com/source/fs/xattr.c?v=2.6.35

> I also check in linux, it's controlled by the file permission bits for regular files
and directories (not sticky).
> *2.* For {{trusted}} namespace, currently we require the user should be owner and superuser.
Actually superuser is enough. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message