[
https://issues.apache.org/jira/browse/HDFS-8649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14598752#comment-14598752
]
zhouyingchao commented on HDFS-8649:
------------------------------------
[~cnauroth] Any comments ?
> Default ACL is not inherited if directory is generated by FileSystem.create
> interface
> -------------------------------------------------------------------------------------
>
> Key: HDFS-8649
> URL: https://issues.apache.org/jira/browse/HDFS-8649
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: zhouyingchao
> Assignee: zhouyingchao
>
> I have a directory /acltest/t, whose acl is as following:
> {code}
> # file: /acltest/t
> # owner: hdfs_tst_admin
> # group: supergroup
> user::rwx
> group::rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> {code}
> My program create a file /acltest/t/a/b using the FileSystem.create
> interface. The acl of directory /acltest/t/a is as following:
> {code}
> # file: /acltest/t/a
> # owner: hdfs_tst_admin
> # group: supergroup
> user::rwx
> group::rwx
> mask::rwx
> other::---
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> {code}
> As you can see, the child directory "b" did not inherit its parent's default
> acl for other.
> By looking into the implementation, the FileSystem.create interface will
> automatically create non-existing entries in the path, it is done by calling
> FSNamesystem.mkdirsRecursively and hard-coded the third param
> (inheritPermission) as true. In FSNamesystem.mkdirsRecursively, when
> inheritPermission is true, the parent's real permission (rather than
> calculation from default acl) would be used as the new directory's permission.
> Is this behavior correct? The default acl is not worked as people expected.
> It kind of render many access issues in our setup.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
