hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Chu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-6767) Cannot remove directory within encryption zone to Trash
Date Wed, 30 Jul 2014 04:58:39 GMT

     [ https://issues.apache.org/jira/browse/HDFS-6767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Stephen Chu updated HDFS-6767:
------------------------------

    Attachment: HDFS-6767.1.patch

I agree that improving the error message and requiring users to skip the trash is appropriate
and reasonable.

Attaching a sample patch that appends the cause to the "Failed to move to trash" error message.
Tested it out and the output is now changed to the clearer 
{code}
rm: Failed to move to trash: hdfs://schu-enc2.vpc.com:8020/user/hdfs/enc: /user/hdfs/enc can't
be moved from an encryption zone.
{code}

This is the same issue as HDFS-6760 Deletion of directories with snapshots will not output
reason for trash move failure.

> Cannot remove directory within encryption zone to Trash
> -------------------------------------------------------
>
>                 Key: HDFS-6767
>                 URL: https://issues.apache.org/jira/browse/HDFS-6767
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>            Reporter: Stephen Chu
>         Attachments: HDFS-6767.1.patch
>
>
> Currently, users that want to remove an encrypted directory using the FsShell remove
commands need to skip the trash.
> If users try to remove an encrypted directory while Trash is enabled, they will see the
following error:
> {code}
> [hdfs@schu-enc2 ~]$ hdfs dfs -rm -r /user/hdfs/enc
> 2014-07-29 13:47:28,799 INFO  [main] hdfs.DFSClient (DFSClient.java:<init>(604))
- Found KeyProvider: KeyProviderCryptoExtension: jceks://file@/home/hdfs/hadoop-data/test.jks
> 2014-07-29 13:47:29,563 INFO  [main] fs.TrashPolicyDefault (TrashPolicyDefault.java:initialize(92))
- Namenode trash configuration: Deletion interval = 1440 minutes, Emptier interval = 0 minutes.
> rm: Failed to move to trash: hdfs://schu-enc2.vpc.com:8020/user/hdfs/enc. Consider using
-skipTrash option
> {code}
> This is because the encrypted dir cannot be moved from an encryption zone, as the NN
log explains:
> {code}
> 2014-07-29 13:47:29,596 INFO  [IPC Server handler 8 on 8020] ipc.Server (Server.java:run(2120))
- IPC Server handler 8 on 8020, call org.apache.hadoop.hdfs.protocol.ClientProtocol.rename
from 172.25.3.153:48295 Call#9 Retry#0
> java.io.IOException: /user/hdfs/enc can't be moved from an encryption zone.
> 	at org.apache.hadoop.hdfs.server.namenode.EncryptionZoneManager.checkMoveValidity(EncryptionZoneManager.java:175)
> 	at org.apache.hadoop.hdfs.server.namenode.FSDirectory.unprotectedRenameTo(FSDirectory.java:526)
> 	at org.apache.hadoop.hdfs.server.namenode.FSDirectory.renameTo(FSDirectory.java:440)
> 	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameToInternal(FSNamesystem.java:3593)
> 	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameToInt(FSNamesystem.java:3555)
> 	at org.apache.hadoop.hdfs.server.namenode.FSNamesystem.renameTo(FSNamesystem.java:3522)
> 	at org.apache.hadoop.hdfs.server.namenode.NameNodeRpcServer.rename(NameNodeRpcServer.java:727)
> 	at org.apache.hadoop.hdfs.protocolPB.ClientNamenodeProtocolServerSideTranslatorPB.rename(ClientNamenodeProtocolServerSideTranslatorPB.java:542)
> 	at org.apache.hadoop.hdfs.protocol.proto.ClientNamenodeProtocolProtos$ClientNamenodeProtocol$2.callBlockingMethod(ClientNamenodeProtocolProtos.java)
> 	at org.apache.hadoop.ipc.ProtobufRpcEngine$Server$ProtoBufRpcInvoker.call(ProtobufRpcEngine.java:607)
> 	at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:932)
> 	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2099)
> 	at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:2095)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.Subject.doAs(Subject.java:415)
> 	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1626)
> 	at org.apache.hadoop.ipc.Server$Handler.run(Server.java:2093)
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message