Hi. I have a directory created by the root user with the 777 permissions.
When an application running under non-root user (called dev1) createded sub-directories in this directory, it made some directories with 777, and some with 755. This causes the app launched under root user not being able to erase files from these directories, and throwing the following exceptions: org.apache.hadoop.fs.permission.AccessControlException: org.apache.hadoop.fs.permission.AccessControlException: Permission denied: user=root, access=WRITE, inode="snapshots":dev1:supergroup:rwxr-xr-x at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.apache.hadoop.ipc.RemoteException.instantiateException(RemoteException.java:90) at org.apache.hadoop.ipc.RemoteException.unwrapRemoteException(RemoteException.java:52) at org.apache.hadoop.dfs.DFSClient.delete(DFSClient.java:530) at org.apache.hadoop.dfs.DistributedFileSystem.delete(DistributedFileSystem.java:210) at org.util.FileUtils.deleteFile(FileUtils.java:365) Caused by: org.apache.hadoop.ipc.RemoteException: org.apache.hadoop.fs.permission.AccessControlException: Permission denied: user=root, access=WRITE, inode="snapshots":dev1:supergroup:rwxr-xr-x at org.apache.hadoop.dfs.PermissionChecker.check(PermissionChecker.java:175) at org.apache.hadoop.dfs.PermissionChecker.check(PermissionChecker.java:156) at org.apache.hadoop.dfs.PermissionChecker.checkPermission(PermissionChecker.java:107) at org.apache.hadoop.dfs.FSNamesystem.checkPermission(FSNamesystem.java:4238) at org.apache.hadoop.dfs.FSNamesystem.deleteInternal(FSNamesystem.java:1527) at org.apache.hadoop.dfs.FSNamesystem.delete(FSNamesystem.java:1497) at org.apache.hadoop.dfs.NameNode.delete(NameNode.java:425) at sun.reflect.GeneratedMethodAccessor7.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:481) at org.apache.hadoop.ipc.Server$Handler.run(Server.java:890) at org.apache.hadoop.ipc.Client.call(Client.java:716) at org.apache.hadoop.ipc.RPC$Invoker.invoke(RPC.java:216) at org.apache.hadoop.dfs.$Proxy17.delete(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.hadoop.io.retry.RetryInvocationHandler.invokeMethod(RetryInvocationHandler.java:82) at org.apache.hadoop.io.retry.RetryInvocationHandler.invoke(RetryInvocationHandler.java:59) at org.apache.hadoop.dfs.$Proxy17.delete(Unknown Source) at org.apache.hadoop.dfs.DFSClient.delete(DFSClient.java:528) ... 5 more This brings the following questions: 1) Is the root user considered same level as non-root user in DFS? 2) Any idea why the dev1 created some directories with 777, and some with 755, even that their root directory was 777? There is no any particular code in the application, which may set the directory permissions. Thanks for any idea.
