[
https://issues.apache.org/jira/browse/HDFS-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wei-Chiu Chuang updated HDFS-10324:
-----------------------------------
Attachment: HDFS-10324.001.patch
Attach my patch v001.
I am not entirely sure if this should be part of NameNode
createEncryptionZone() operation (which is atomic), or be fixed by a dfsclient
which creates .Trash dirctory after it creates an EZ. This first patch takes
the latter approach. I feel the doing it in NN is better, but I'm a bit afraid
of changing anything within NameNode namespace.
Also, attached a test case which illustrates how the bug can be reproduced.
[~xyao] [~zhz] [~andrew.wang] [~arpitagarwal] could you take a look? Thanks.
> Trash directory in an encryption zone should be pre-created with sticky bit
> ---------------------------------------------------------------------------
>
> Key: HDFS-10324
> URL: https://issues.apache.org/jira/browse/HDFS-10324
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: encryption
> Affects Versions: 2.8.0
> Environment: CDH5.7.0
> Reporter: Wei-Chiu Chuang
> Assignee: Wei-Chiu Chuang
> Attachments: HDFS-10324.001.patch
>
>
> We encountered a bug in HDFS-8831:
> After HDFS-8831, a deleted file in an encryption zone is moved to a .Trash
> subdirectory within the encryption zone.
> However, if this .Trash subdirectory is not created beforehand, it will be
> created and owned by the first user who deleted a file, with permission
> drwx------. This creates a serious bug because any other non-privileged user
> will not be able to delete any files within the encryption zone, because they
> do not have the permission to move directories within the trash directory.
> We should fix this bug, by pre-creating the .Trash directory with sticky bit.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
