[
https://issues.apache.org/jira/browse/HADOOP-2528?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12556976#action_12556976
]
Doug Cutting commented on HADOOP-2528:
--------------------------------------
Raghu and Hairong yesterday raised a few relevant issues:
- the superuser name is not currently known on the client, and until it is, we
can get false negatives in permission checks
- the goal of dfs.permissions=false is for admins to be able to set, examine
and alter permissions before they are enforced, so that a filesystem may be
upgraded and returned to service before permissions are completely configured.
Returning 777 for all files when dfs.permissions=false would prohibit this use.
This patch, as it stands, fights a bit with that use case too. If permission
checking is disabled on the namenode, then there's a good chance that
permissions are not yet correctly configured there, so checking them clientside
may give the wrong results. Thus the goal of permitting folks to run jobs
while permissions are being configured may be defeated by this patch.
This patch was meant to be provocative: we're providing new APIs, but we have
little real code that uses these new APIs. Mapreduce input/output validation
seems like an obvious place to add permission checks, and hence an opportunity
to check the usability of the APIs.
I'm currently on the fence as to whether this patch should be committed in
0.16. Once dfs.permisisons=true, it would be really nice to fail a job quickly
if its output directory is not writable, without first running all of the maps.
Readability of input is less critical, since that will fail fairly quickly
anyway.
Perhaps we should add a utility method that checks the writability of a
directory by creating and removing an empty file. This would be more reliably
correct. I'll create a new patch with this approach.
> check permissions for job inputs and outputs
> --------------------------------------------
>
> Key: HADOOP-2528
> URL: https://issues.apache.org/jira/browse/HADOOP-2528
> Project: Hadoop
> Issue Type: Improvement
> Components: mapred
> Reporter: Doug Cutting
> Fix For: 0.16.0
>
> Attachments: HADOOP-2528-0.patch, HADOOP-2528-1.patch
>
>
> On job submission, filesystem permissions should be checked to ensure that
> the input directory is readable and that the output directory is writable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
