[jira] [Commented] (HDFS-12038) Ozone: Non-admin user is unable to run InfoVolume to the volume owned by itself

Fri, 06 Oct 2017 03:00:32 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-12038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16194388#comment-16194388
 ] 

Lokesh Jain commented on HDFS-12038:
------------------------------------

Thanks [~nandakumar131] for the review. Yes, the issue can be fixed by doing 
the modification as suggested by [~cheersyang]. The authorization can be done 
in another jira. But there are two issues which I had mentioned in my previous 
comments:-
# The removal of -user option from shell commands. The -user option should only 
be used for createVolume command and for other commands the userName should be 
set as the user who is executing the command.
# Authorization of user access for operations on volumes or buckets.

> Ozone: Non-admin user is unable to run InfoVolume to the volume owned by 
> itself
> -------------------------------------------------------------------------------
>
>                 Key: HDFS-12038
>                 URL: https://issues.apache.org/jira/browse/HDFS-12038
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: ozone
>            Reporter: Weiwei Yang
>            Assignee: Lokesh Jain
>              Labels: OzonePostMerge
>         Attachments: HDFS-12038-HDFS-7240.001.patch
>
>
> Reproduce steps
> 1. Create a volume with a non-admin user
> {code}
> hdfs oz -createVolume http://ozone1.fyre.ibm.com:9864/volume-wwei-0 -user 
> wwei -root -quota 2TB
> {code}
> 2. Run infoVolume command to get this volume info
> {noformat}
> hdfs oz -infoVolume http://ozone1.fyre.ibm.com:9864/volume-wwei-0 -user wwei
> Command Failed : 
> {"httpCode":400,"shortMessage":"badAuthorization","resource":null,"message":"Missing
>  authorization or authorization has to be 
> unique.","requestID":"221efb47-72b9-498d-ac19-907257428573","hostName":"ozone1.fyre.ibm.com"}
> {noformat}
> add {{-root}} to run as admin user could bypass this issue 
> {noformat}
> hdfs oz -infoVolume http://ozone1.fyre.ibm.com:9864/volume-wwei-0 -user wwei 
> -root
> {
>   "owner" : {
>     "name" : "wwei"
>   },
>   "quota" : {
>     "unit" : "TB",
>     "size" : 2
>   },
>   "volumeName" : "volume-wwei-0",
>   "createdOn" : null,
>   "createdBy" : "hdfs"
> }
> {noformat}
> expecting: both volume owner and admin should be able to run infoVolume 
> command.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to