[
https://issues.apache.org/jira/browse/HADOOP-9413?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13614973#comment-13614973
]
Ivan Mitic commented on HADOOP-9413:
------------------------------------
Thanks for the review Chris!
bq. This seems to revert the decisions made in HADOOP-8973 that checking for an
owner match and FsAction#implies is insufficient in the presence of other
permission mechanisms, such as ACLs. In this case though, your patch keeps this
logic guarded behind an if (Windows) check, so it wouldn't sacrifice existing
functionality for any existing Linux deployments that use POSIX ACLs. Just so
I'm clear, is this a proposal that we accept it as a known limitation on
Windows right now, with potential follow-up work to address it later (via JDK7
or possibly JNI calls)? That seems to be implicit in the patch, but I want to
make sure I understand.
I added a comment above asking for opinion on this one. This approach provides
full symmetry between can* and set* functions on Windows, what I think is a
good thing for now. I agree that we'll want to improve this eventually (this
could be JDK7 or JNI). However, as long as the abstractions are solid, I think
we are good. Let me know what you think.
bq. Also, can you please clarify the second part of the if condition? This is
checking if one of the user's group memberships has the same name as the file
owner. Is it supposed to check the file group instead of the file owner?
Thanks, will add a comment to clarify this part. On Windows, the owner can also
be a group. One use-case is if I'm running as a member of the admins group
(elevated), and create a file, the file will be owned by the admins group.
> Introduce common utils for File#setReadable/Writable/Executable and
> File#canRead/Write/Execute that work cross-platform
> -----------------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9413
> URL: https://issues.apache.org/jira/browse/HADOOP-9413
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Ivan Mitic
> Assignee: Ivan Mitic
> Fix For: 3.0.0
>
> Attachments: HADOOP-9413.commonfileutils.patch
>
>
> So far, we've seen many unittest and product bugs in Hadoop on Windows
> because Java's APIs that manipulate with permissions do not work as expected.
> We've addressed many of these problems on one-by-one basis (by either
> changing code a bit or disabling the test). While debugging the remaining
> unittest failures we continue to run into the same patterns of problems, and
> instead of addressing them one-by-one, I propose that we expose a set of
> equivalent wrapper APIs that will work well for all platforms.
> Scanning thru the codebase, this will actually be a simple change as there
> are very few places that use File#setReadable/Writable/Executable and
> File#canRead/Write/Execute (5 files in Common, 9 files in HDFS).
> HADOOP-8973 contains additional context on the problem.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
