[
https://issues.apache.org/jira/browse/HADOOP-14017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15833646#comment-15833646
]
John Zhuge commented on HADOOP-14017:
-------------------------------------
Both {{setfacl}} and {{getfacl}} are supported.
One issue: names shown as GUID
{noformat}
$ hdfs dfs -Ddfs.adls.oauth2.access.token.provider.type='ClientCredential' ...
-getfacl adl://account.azuredatalakestore.net/file
# file: adl://account.azuredatalakestore.net/file
# owner: aaaaaaaa-bbbb-1234-5678-cccccccccccc
# group: dddddddd-bbbb-3a53-f678-ccccc3cc2ccc
user::rw-
group::r--
other::r--
{noformat}
Another issue: names must be GUID to setfacl
{noformat}
hdfs dfs -Ddfs.adls.oauth2.access.token.provider.type='ClientCredential'
-Dhadoop.security.credential.provider.path=localjceks://file/tmp/creds.jceks
-setfacl -m user:foo:rw- adl://account.azuredatalakestore.net/file
setfacl: Invalid named user or group in <aclStr> : user:foo:rw-. The allowed
names are must be a GUID.
[a3aa9a0a-0bbb-12f4-5678-cccccccccccc][2017-01-22T11:02:01.2277079-08:00]
{noformat}
> Integrate ADLS ACL
> ------------------
>
> Key: HADOOP-14017
> URL: https://issues.apache.org/jira/browse/HADOOP-14017
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs/adl
> Affects Versions: 3.0.0-alpha3
> Reporter: John Zhuge
> Assignee: John Zhuge
>
> Track the effort to integrate ADLS ACL which models after HDFS ACL. Both are
> based on POSIX ACL.
> Of course this will go too far without AuthN integration of some sort.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
