[
https://issues.apache.org/jira/browse/HADOOP-10779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14056559#comment-14056559
]
Colin Patrick McCabe commented on HADOOP-10779:
-----------------------------------------------
Let's say you want to use an alternate filesystem such as Ceph, or Lustre.
Those systems don't have the concept of an HDFS-style supergroup. They only
have the concept of user IDs and group IDs, one of which is root. There are
not multiple roots, only one, and if you want a privileged uid or gid, you add
that guy to {{/etc/sudoers}}. Being a sudoer means you can use sudo to get
root when you need it. One reason for this behavior is that Ceph and Lustre
can be mounted as standard Linux filesystems, so they need to conform with
standard Linux permissions behavior.
Even if these systems had an HDFS-style supergroup, you could not possibly
configure it through a Hadoop config file, since these systems don't read
Hadoop config files. Ceph reads Ceph config files, and... I'm not sure how
Lustre is configured, but since it lives in the kernel, it's not going to be
Hadoop XMLs.
Unless I'm missing something here, I don't see how adding a hadoop
configuration entry for this could help. It would be better to define the
cases where Hadoop applications depend on superuser / supergroup behavior, and
identify a solution there (such as a samba-style UID / GID remapping scheme).
> Generalize DFS_PERMISSIONS_SUPERUSERGROUP_KEY for any HCFS
> ----------------------------------------------------------
>
> Key: HADOOP-10779
> URL: https://issues.apache.org/jira/browse/HADOOP-10779
> Project: Hadoop Common
> Issue Type: Wish
> Components: fs
> Reporter: Martin Bukatovic
> Priority: Minor
>
> HDFS has configuration option {{dfs.permissions.superusergroup}} stored in
> {{hdfs-site.xml}} configuration file:
> {noformat}
> <property>
> <name>dfs.permissions.superusergroup</name>
> <value>supergroup</value>
> <description>The name of the group of super-users.</description>
> </property>
> {noformat}
> Since we have an option to use alternative Hadoop filesystems (HCFS), there is
> a question how to specify a supergroup in such case.
> Eg. would introducing HCFS option in say {{core-site.xml}} for this as shown
> below make sense?
> {noformat}
> <property>
> <name>hcfs.permissions.superusergroup</name>
> <value>${dfs.permissions.superusergroup}</value>
> <description>The name of the group of super-users.</description>
> </property>
> {noformat}
> Or would you solve it in different way? I would like to at least declare
> a recommended approach for alternative Hadoop filesystems to follow.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
