Return-Path: X-Original-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Delivered-To: apmail-hadoop-hdfs-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 650D8104FE for ; Mon, 5 Jan 2015 18:23:36 +0000 (UTC) Received: (qmail 58658 invoked by uid 500); 5 Jan 2015 18:23:37 -0000 Delivered-To: apmail-hadoop-hdfs-issues-archive@hadoop.apache.org Received: (qmail 58614 invoked by uid 500); 5 Jan 2015 18:23:37 -0000 Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: hdfs-issues@hadoop.apache.org Delivered-To: mailing list hdfs-issues@hadoop.apache.org Received: (qmail 58462 invoked by uid 99); 5 Jan 2015 18:23:37 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 05 Jan 2015 18:23:37 +0000 Date: Mon, 5 Jan 2015 18:23:36 +0000 (UTC) From: "Chris Nauroth (JIRA)" To: hdfs-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HDFS-7582) Limit the number of default ACL entries to Half of maximum entries (16) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HDFS-7582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14264853#comment-14264853 ] Chris Nauroth commented on HDFS-7582: ------------------------------------- Hi, [~vinayrpet]. I had tested this behavior against a Linux file system with POSIX ACLs during initial implementation. I observed the same behavior on Linux: you can end up exceeding the limit of 32 if there are a lot of default ACL entries. While it's a bit counter-intuitive, I thought it would be more familiar to users if HDFS kept the same behavior. Let me know what you think. > Limit the number of default ACL entries to Half of maximum entries (16) > ----------------------------------------------------------------------- > > Key: HDFS-7582 > URL: https://issues.apache.org/jira/browse/HDFS-7582 > Project: Hadoop HDFS > Issue Type: Bug > Components: namenode > Reporter: Vinayakumar B > Assignee: Vinayakumar B > Attachments: HDFS-7582-001.patch > > > Current ACL limits are only on the total number of entries. > But there can be a situation where number of default entries for a directory will be more than half of the maximum entries, i.e. > 16. > In such case, under this parent directory only files can be created which will have ACLs inherited using parent's default entries. > But when directories are created, total number of entries will be more than the maximum allowed, because sub-directories copies both inherited ACLs as well as default entries. > Since currently there is no check while copying ACLs from default ACLs directory creation succeeds, but any modification (only permission on one entry also) on the same ACL will fail. > So it would be better to restrict the default entries to 16. -- This message was sent by Atlassian JIRA (v6.3.4#6332)