[jira] [Updated] (HDFS-10324) Trash directory in an encryption zone should be pre-created with correct permissions

Wed, 04 May 2016 14:37:05 -0700 

     [ 
https://issues.apache.org/jira/browse/HDFS-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Wei-Chiu Chuang updated HDFS-10324:
-----------------------------------
    Attachment: HDFS-10324.007.patch

Thanks again for the quick review!
I've updated the patch based on the comments below:
bq. 1. TrashPolicyDefault#TRASH is a unused private and can be removed. 
Done.
bq. 2. TrasnparentEncryption.md can we highlight only the root path of the 
encryption zone is allowed. 
Done.
bq. TestRpcProgramNfs3.java Unused import
Done. 
bq. CreateEncryptionZoneFlag.java
I added a new NO_TRASH type into it, and refactored the tests to use 
{code}
protected static final EnumSet< CreateEncryptionZoneFlag > NO_TRASH =
      EnumSet.of(CreateEncryptionZoneFlag.NO_TRASH);
{code}

bq. HDFSCommands.md
Done. I think it's a good idea to be consistent.
bq. HdfsAdmin.java
I refactored it to make it static final, and changed the name to 
{{TRASH_PERMISSION}}.
bq. CryptoAdmin.java
Done.

> Trash directory in an encryption zone should be pre-created with correct 
> permissions
> ------------------------------------------------------------------------------------
>
>                 Key: HDFS-10324
>                 URL: https://issues.apache.org/jira/browse/HDFS-10324
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: encryption
>    Affects Versions: 2.8.0
>         Environment: CDH5.7.0
>            Reporter: Wei-Chiu Chuang
>            Assignee: Wei-Chiu Chuang
>         Attachments: HDFS-10324.001.patch, HDFS-10324.002.patch, 
> HDFS-10324.003.patch, HDFS-10324.004.patch, HDFS-10324.005.patch, 
> HDFS-10324.006.patch, HDFS-10324.007.patch
>
>
> We encountered a bug in HDFS-8831:
> After HDFS-8831, a deleted file in an encryption zone is moved to a .Trash 
> subdirectory within the encryption zone.
> However, if this .Trash subdirectory is not created beforehand, it will be 
> created and owned by the first user who deleted a file, with permission 
> drwx------. This creates a serious bug because any other non-privileged user 
> will not be able to delete any files within the encryption zone, because they 
> do not have the permission to move directories to the trash directory.
> We should fix this bug, by pre-creating the .Trash directory with sticky bit.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to