hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From te...@apache.org
Subject hbase git commit: HBASE-17861: Regionserver down when checking the permission of staging dir if hbase.rootdir is on S3
Date Tue, 04 Apr 2017 14:22:39 GMT
Repository: hbase
Updated Branches:
  refs/heads/branch-1 19e4e4d49 -> 4057a6c89


HBASE-17861: Regionserver down when checking the permission of staging dir if hbase.rootdir
is on S3

Signed-off-by: tedyu <yuzhihong@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/4057a6c8
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/4057a6c8
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/4057a6c8

Branch: refs/heads/branch-1
Commit: 4057a6c89c74c9f595cb51ac3bdc288396a0b257
Parents: 19e4e4d
Author: Yi Liang <easyliangjob@gmail.com>
Authored: Mon Apr 3 20:39:35 2017 -0700
Committer: tedyu <yuzhihong@gmail.com>
Committed: Tue Apr 4 07:22:31 2017 -0700

----------------------------------------------------------------------
 .../security/access/SecureBulkLoadEndpoint.java    | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/4057a6c8/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/SecureBulkLoadEndpoint.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/SecureBulkLoadEndpoint.java
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/SecureBulkLoadEndpoint.java
index 6b062ab..030e138 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/SecureBulkLoadEndpoint.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/SecureBulkLoadEndpoint.java
@@ -72,9 +72,12 @@ import java.math.BigInteger;
 import java.security.PrivilegedAction;
 import java.security.SecureRandom;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 /**
  * Coprocessor service for bulk loads in secure mode.
@@ -116,6 +119,7 @@ public class SecureBulkLoadEndpoint extends SecureBulkLoadService
 
   private final static FsPermission PERM_ALL_ACCESS = FsPermission.valueOf("-rwxrwxrwx");
   private final static FsPermission PERM_HIDDEN = FsPermission.valueOf("-rwx--x--x");
+  private final static String[] FsWithoutSupportPermission = {"s3", "s3a", "s3n", "wasb",
"wasbs", "swift"};
 
   private SecureRandom random;
   private FileSystem fs;
@@ -139,18 +143,23 @@ public class SecureBulkLoadEndpoint extends SecureBulkLoadService
     conf = env.getConfiguration();
     baseStagingDir = SecureBulkLoadUtil.getBaseStagingDir(conf);
     this.userProvider = UserProvider.instantiate(conf);
+    Set<String> fsSet = new HashSet<String>(Arrays.asList(FsWithoutSupportPermission));
 
     try {
-      fs = FileSystem.get(conf);
-      fs.mkdirs(baseStagingDir, PERM_HIDDEN);
-      fs.setPermission(baseStagingDir, PERM_HIDDEN);
+      fs = baseStagingDir.getFileSystem(conf);
+      if (!fs.exists(baseStagingDir)) {
+        fs.mkdirs(baseStagingDir, PERM_HIDDEN);
+      } else {
+        fs.setPermission(baseStagingDir, PERM_HIDDEN);
+      }
       //no sticky bit in hadoop-1.0, making directory nonempty so it never gets erased
       fs.mkdirs(new Path(baseStagingDir,"DONOTERASE"), PERM_HIDDEN);
       FileStatus status = fs.getFileStatus(baseStagingDir);
       if(status == null) {
         throw new IllegalStateException("Failed to create staging directory");
       }
-      if(!status.getPermission().equals(PERM_HIDDEN)) {
+      String scheme = fs.getScheme().toLowerCase();
+      if (!fsSet.contains(scheme) && !status.getPermission().equals(PERM_HIDDEN))
{
         throw new IllegalStateException(
             "Directory already exists but permissions aren't set to '-rwx--x--x' ");
       }


Mime
View raw message