Return-Path: X-Original-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3C62B11CE0 for ; Wed, 25 Jun 2014 12:02:25 +0000 (UTC) Received: (qmail 17108 invoked by uid 500); 25 Jun 2014 12:02:25 -0000 Delivered-To: apmail-hadoop-hdfs-issues-archive@hadoop.apache.org Received: (qmail 17055 invoked by uid 500); 25 Jun 2014 12:02:25 -0000 Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-issues@hadoop.apache.org Delivered-To: mailing list hdfs-issues@hadoop.apache.org Received: (qmail 17039 invoked by uid 99); 25 Jun 2014 12:02:24 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 25 Jun 2014 12:02:24 +0000 Date: Wed, 25 Jun 2014 12:02:24 +0000 (UTC) From: "Uma Maheswara Rao G (JIRA)" To: hdfs-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HDFS-6556) Refine XAttr permissions MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HDFS-6556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14043365#comment-14043365 ] Uma Maheswara Rao G commented on HDFS-6556: ------------------------------------------- Thanks a lot, Yi for the review. [~andrew.wang] or [~cnauroth] , do you want to take a look ? If any of you +1, I can go for commit. > Refine XAttr permissions > ------------------------ > > Key: HDFS-6556 > URL: https://issues.apache.org/jira/browse/HDFS-6556 > Project: Hadoop HDFS > Issue Type: Bug > Components: namenode > Affects Versions: 2.5.0 > Reporter: Yi Liu > Assignee: Uma Maheswara Rao G > Attachments: RefinedPermissions-HDFS-6556-1.patch, RefinedPermissions-HDFS-6556.patch, refinedPermissions-HDFS-6556-2.patch > > > After discuss with Uma, we should refine setting permissions of {{user}} and {{trusted}} namespace xattrs. > *1.* For {{user}} namespace xattrs, In HDFS-6374, says "setXAttr should require the user to be the owner of the file or directory", we have a bit misunderstanding. It actually is: > {quote} > The access permissions for user attributes are defined by the file permission bits. only regular files and directories can have extended attributes. For sticky directories, only the owner and privileged user can write attributes. > {quote} > We can refer to linux source code in http://lxr.free-electrons.com/source/fs/xattr.c?v=2.6.35 > I also check in linux, it's controlled by the file permission bits for regular files and directories (not sticky). > *2.* For {{trusted}} namespace, currently we require the user should be owner and superuser. Actually superuser is enough. -- This message was sent by Atlassian JIRA (v6.2#6252)