hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nauroth (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-8649) Default ACL is not inherited if directory is generated by FileSystem.create interface
Date Mon, 29 Jun 2015 21:32:05 GMT

    [ https://issues.apache.org/jira/browse/HDFS-8649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14606445#comment-14606445
] 

Chris Nauroth commented on HDFS-8649:
-------------------------------------

Hello [~sinago].  Thank you for the detailed bug report.  This does indeed look like a bug.
 It's inconsistent with a recursive {{mkdir}}.

> Default ACL is not inherited if directory is generated by FileSystem.create interface
> -------------------------------------------------------------------------------------
>
>                 Key: HDFS-8649
>                 URL: https://issues.apache.org/jira/browse/HDFS-8649
>             Project: Hadoop HDFS
>          Issue Type: Bug
>            Reporter: zhouyingchao
>            Assignee: zhouyingchao
>
> I have a directory /acltest/t, whose acl is as following:
> {code}
> # file: /acltest/t
> # owner: hdfs_tst_admin
> # group: supergroup
> user::rwx
> group::rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> {code}
> My program create a file /acltest/t/a/b using the FileSystem.create interface. The acl
of directory /acltest/t/a is as following:
> {code}
> # file: /acltest/t/a
> # owner: hdfs_tst_admin
> # group: supergroup
> user::rwx
> group::rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> {code}
> As you can see, the child directory "b" did not inherit its parent's default acl for
other.
> By looking into the implementation, the FileSystem.create interface will automatically
create non-existing entries in the path, it is done by calling FSNamesystem.mkdirsRecursively
and hard-coded the third param (inheritPermission) as true. In FSNamesystem.mkdirsRecursively,
when inheritPermission is true, the parent's real permission (rather than calculation from
default acl) would be used as the new directory's permission.
> Is this behavior correct?  The default acl is not worked as people expected. It kind
of render many access issues in our setup.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message