[jira] [Commented] (HDFS-7384) 'getfacl' command and 'getAclStatus' output should be in sync

Fri, 14 Nov 2014 11:24:14 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-7384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212680#comment-14212680
 ] 

Vinayakumar B commented on HDFS-7384:
-------------------------------------

Thanks [~cnauroth] for the detailed explanation.

bq. At this point, we can't change the behavior of getAclStatus on the 2.x line 
for compatibility reasons. Suppose a 2.6.0 deployment of the shell called 
getAclStatus on a 2.7.0 NameNode
Here we can implement this without breaking compatibility.
For ex: returned {{AclStatus}} can have default permissions in form of 
{{FsPermission}} object itself, which would be optional field in protobuf.
So We can keep {{getAclEntries()}} return value as is, but in {{AclEntry}} we 
can add one more field, 'effective action', either this can be calculated at 
client side itself, based on the FsPermission object in AclStatus, or can be 
optional field set at NN side itself.

My basic intention is to avoid extra client side logic, which currently users 
have to do, to find out the effective permission for an ACL entry.

If {{AclStatus}} contains {{FsPermission}} value, then we can create the same 
output as 'getfacl' without having to do one more RPC to NN. This would keep 
the existing behavior of returning empty entries for basic permissions, which 
was decided after so many discussions. 

Any thoughts?

> 'getfacl' command and 'getAclStatus' output should be in sync
> -------------------------------------------------------------
>
>                 Key: HDFS-7384
>                 URL: https://issues.apache.org/jira/browse/HDFS-7384
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: Vinayakumar B
>            Assignee: Vinayakumar B
>
> *getfacl* command will print all the entries including basic and extended 
> entries, mask entries and effective permissions.
> But, *getAclStatus* FileSystem API will return only extended ACL entries set 
> by the user. But this will not include the mask entry as well as effective 
> permissions.
> To benefit the client using API, better to include 'mask' entry and effective 
> permissions in the return list of entries.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to