[jira] [Commented] (HDFS-7384) 'getfacl' command and 'getAclStatus' output should be in sync

Fri, 14 Nov 2014 23:15:48 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-7384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14213439#comment-14213439
 ] 

Chris Nauroth commented on HDFS-7384:
-------------------------------------

I haven't reviewed the whole patch yet, but I wanted to state again quickly 
that I'd prefer to keep effective permissions out of {{AclEntry}}.

One problem is that the {{AclEntry}} class is also used in the setter APIs, 
like {{setAcl}}.  In that context, the effective permissions would be ignored.  
This could cause confusion for users of those APIs.

Another problem is that we use the same class for both the public API on the 
client side and the internal in-memory representation in the NameNode.  
Therefore, adding a new member to {{AclEntry}} would have a side effect of 
increasing memory footprint in the NameNode.  Even if we don't populate the 
field when used within the NameNode, there is still the overhead of the 
additional pointer multiplied by every ACL entry.  We could potentially change 
the NameNode to use a different class for its internal implementation, but then 
we'd have a dual-maintenance problem and a need for extra code to translate 
between the two representations.

If {{AclStatus}} could have a new method that does the calculation for an 
entry's effective permissions on demand, instead of requiring a new member in 
{{AclEntry}}, then we wouldn't impact the setter APIs or increase memory 
footprint in the NameNode.

> 'getfacl' command and 'getAclStatus' output should be in sync
> -------------------------------------------------------------
>
>                 Key: HDFS-7384
>                 URL: https://issues.apache.org/jira/browse/HDFS-7384
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: Vinayakumar B
>            Assignee: Vinayakumar B
>         Attachments: HDFS-7384-001.patch
>
>
> *getfacl* command will print all the entries including basic and extended 
> entries, mask entries and effective permissions.
> But, *getAclStatus* FileSystem API will return only extended ACL entries set 
> by the user. But this will not include the mask entry as well as effective 
> permissions.
> To benefit the client using API, better to include 'mask' entry and effective 
> permissions in the return list of entries.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to