[jira] [Commented] (HDFS-7568) Support immutability (Write-once-read-many) in HDFS

Wed, 25 Feb 2015 14:57:40 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-7568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14337400#comment-14337400
 ] 

Lei (Eddy) Xu commented on HDFS-7568:
-------------------------------------

bq. I don't understand why this would be a requirement. It is the active 
NameNode that is choosing to create or not create a file, not the standby. The 
standby just follows the decision which the active NameNode already took. And 
if there is a failover, the standby will replay all edits before becoming 
active.

It is not a necessary requirements to be implemented within HDFS. The 
regulation requires some unmodified time source for audit logs, retentions and 
such. So I think that this can also be done by letting ANN/SNN synchronized 
with an external time server.

bq. Who are "special personnel" are and how they are different than system 
administrators? A few times you refer to "super users," but we already have 
superusers in hdfs and they are system administrators.

I agree that "Super user" might be a bad terminology here. What I meant is that 
there are certain operations (i.e., modify immutable file before retention 
date) should be only granted to some authorized people (the staff from the 
Commission), that is different to the administrator, who operates maintenances 
tasks. 

Also, in this environment, we assume that all users do not have any kind of 
access to the underlying Linux system (e.g., ssh or physical access). This 
requirement could not be implemented / enforced within HDFS as well. 

Does them make sense to you, [~cmccabe] ?

> Support immutability (Write-once-read-many) in HDFS
> ---------------------------------------------------
>
>                 Key: HDFS-7568
>                 URL: https://issues.apache.org/jira/browse/HDFS-7568
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: namenode
>    Affects Versions: 2.7.0
>            Reporter: Suresh Srinivas
>            Assignee: Suresh Srinivas
>
> Many regulatory compliance requires storage to support WORM functionality to 
> protect sensitive data from being modified or deleted. This jira proposes 
> adding that feature to HDFS.
> See the following comment for more description.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to