Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm
Precedence: bulk
Date: Tue, 6 Mar 2012 07:12:58 +0000 (UTC)
From: "Jesse Yates (Commented) (JIRA)" <jira@apache.org>
To: issues@hbase.apache.org
Message-ID: 
 <906635848.26272.1331017978803.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: 
 <906306925.25361.1330997396951.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (HBASE-5526) Optional file permission settings
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/HBASE-5526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13223044#comment-13223044 ] 

Jesse Yates commented on HBASE-5526:
------------------------------------

bq. What's with all the changes to hbase-defaults.xml?

Oops, eclipse auto-formatting; thought I had reverted... Should only be the addition of those last three properties. 

Also, was debating if we even want to include default values for the permissions/umask as the actual 'default' would be taken from the filesystem, and not the conf, so default values are only applied when we enable the permissions stuff, so you should be changing them anyways. Figure wide open (777) permissions as the 'default' was the best, but thought it would be good to get another opinion would be good too. 

bq. Would that not cover all interesting scenarios?

Yeah, it would. This was just the easiest way to go about covering the identifiable data as there are a _bunch_ of places where we are creating files on the fs and seemed a bit overkill to replace all of them for this use case. 

For creating individual files, its <10 files in src/main for creating files, though a fair number in src/test. However, for creating directories its twice that number and even more for testing. Each of those would need to be wrapped to set the default permissions, doable and starting to think that it's the right way to go about it in the end...hmmm
                
> Optional file permission settings
> ---------------------------------
>
>                 Key: HBASE-5526
>                 URL: https://issues.apache.org/jira/browse/HBASE-5526
>             Project: HBase
>          Issue Type: New Feature
>          Components: regionserver
>            Reporter: Jesse Yates
>            Assignee: Jesse Yates
>             Fix For: 0.94.0
>
>         Attachments: java_HBASE-5526.patch
>
>
> Currently many all the files created by the HBase user are just written using the default file permissions granted by hdfs. However, it is often times adventageous to only allow a subset of the world to view the actual data written by hbase when scanning the raw hdfs files. 
> This ticket covers setting permissions for files written to hdfs that are storing actual user data, as opposed to _all_ files written to hdfs as many of them contain non-identifiable metadata.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira