[
https://issues.apache.org/jira/browse/HDFS-10689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15393081#comment-15393081
]
Manoj Govindassamy commented on HDFS-10689:
-------------------------------------------
Whenever the leading bit in the numeric format is omitted, it is considered to
be all 0s. Chmod man page clearly mentions on the expected behavior with
permission apply via numeric option with respect to setuid and setgid bits.
man chmod:
{noformat}
SETUID AND SETGID BITS
chmod clears the set-group-ID bit of a regular file if the file’s group
ID does not match the user’s effective group ID or one of the user’s
supplementary group
IDs, unless the user has appropriate privileges. Additional
restrictions may cause the set-user-ID and set-group-ID bits of MODE or RFILE
to be ignored. This
behavior depends on the policy and functionality of the underlying chmod
system call. When in doubt, check the underlying system behavior.
chmod preserves a directory’s set-user-ID and set-group-ID bits unless
you explicitly specify otherwise. *You can set or clear the bits with symbolic
modes like u+s
and g-s, and you can set (but not clear) the bits with a numeric mode.*
{noformat}
*That is, 755 will not reset setuid and setgid bits on the file/directory.*
However, man page doesn't mention anything of that sort for sticky bits. So, I
am leaning towards how other distros have implemented this. Here is the EXT4
behavior.
{noformat}
-bash-4.1$ df -T
Filesystem Type 1K-blocks Used Available Use% Mounted on
/dev/xvda1 ext4 103209948 91990624 5977880 94% /
-bash-4.1$ pwd
/home/manojg
drwxrwxr-x 2 manojg manojg 4096 Jul 25 19:09 dir_test_sticky_bit
-bash-4.1$ chmod 1775 dir_test_sticky_bit
-bash-4.1$ ls -l
total 4
drwxrwxr-t 2 manojg manojg 4096 Jul 25 19:09 dir_test_sticky_bit
-bash-4.1$ chmod 775 dir_test_sticky_bit
-bash-4.1$ ls -l
total 4
drwxrwxr-x 2 manojg manojg 4096 Jul 25 19:09 dir_test_sticky_bit <=== 755 does
clear out sticky bit
-bash-4.1$ .
{noformat}
So, EXT4 and many other filesystems on Linux, MacOSX are resetting Sticky Bit
when the bit is not specified in the permission arg.
> "hdfs dfs -chmod 777" does not remove sticky bit
> ------------------------------------------------
>
> Key: HDFS-10689
> URL: https://issues.apache.org/jira/browse/HDFS-10689
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: fs
> Reporter: Manoj Govindassamy
> Assignee: Manoj Govindassamy
> Priority: Minor
>
> When a directory permission is modified using hdfs dfs chmod command and when
> octal/numeric format is used, the leading sticky bit is not fully honored.
> 1. Create a dir dir_test_with_sticky_bit
> 2. Apply sticky bit permission on the dir : hdfs dfs -chmod 1755
> /dir_test_with_sticky_bit
> 3. Remove sticky bit permission on the dir: hdfs dfs -chmod 755
> /dir_test_with_sticky_bit
> Expected: Remove the sticky bit on the dir, as it happens on Mac/Linux native
> filesystem with native chmod.
> 4. However, removing sticky bit permission by explicitly turning off the bit
> works. hdfs dfs -chmod 0755 /dir_test_with_sticky_bit
> {noformat}
> manoj@~/work/hadev-pp: hdfs dfs -chmod 1755 /dir_test_with_sticky_bit
> manoj@~/work/hadev-pp: hdfs dfs -ls /
> Found 2 items
> drwxr-xr-t - manoj supergroup 0 2016-07-25 11:42
> /dir_test_with_sticky_bit
> drwxr-xr-x - manoj supergroup 0 2016-07-25 11:42 /user
> manoj@~/work/hadev-pp: hdfs dfs -chmod 755 /dir_test_with_sticky_bit
> manoj@~/work/hadev-pp: hdfs dfs -ls /
> Found 2 items
> drwxr-xr-t - manoj supergroup 0 2016-07-25 11:42
> /dir_test_with_sticky_bit <=== sticky bit still intact
> drwxr-xr-x - manoj supergroup 0 2016-07-25 11:42 /user
> manoj@~/work/hadev-pp: hdfs dfs -chmod 0755 /dir_test_with_sticky_bit
> manoj@~/work/hadev-pp: hdfs dfs -ls /
> Found 2 items
> drwxr-xr-x - manoj supergroup 0 2016-07-25 11:42
> /dir_test_with_sticky_bit
> drwxr-xr-x - manoj supergroup 0 2016-07-25 11:42 /user
> manoj@~/work/hadev-pp:
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
