[
https://issues.apache.org/jira/browse/HDFS-12895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16288550#comment-16288550
]
Anbang Hu edited comment on HDFS-12895 at 12/13/17 12:56 AM:
-------------------------------------------------------------
Thanks Yiqun's patch. Per Inigo's request, a few comments are listed:
* Comments in RouterAdminServer.java has unnecessary "that"
{code:java}
/**
* Permission related info that used for constructing new router permission
* checker instance.
*/
private static String routerOwner;
private static String superGroup;
private static boolean isPermissionEnabled;
...
/**
* Get a new permission checker that used for making mount table access
* control. This method will be invoked during each RPC call in router
* admin server.
*
* @return
* @throws AccessControlException
*/
public static RouterPermissionChecker getPermissionChecker()
throws AccessControlException {
if (!isPermissionEnabled) {
return null;
}
{code}
* There is a piece of commented code in
{{MountTableStoreImpl.RemoveMountTableEntryResponse}}
was (Author: huanbang1993):
Thanks Yiqun's patch. Per Inigo's request, a few comments are listed:
* Comments in RouterAdminServer.java has unnecessary "that"
{code:java}
/**
* Permission related info that used for constructing new router permission
* checker instance.
*/
private static String routerOwner;
private static String superGroup;
private static boolean isPermissionEnabled;
...
/**
* Get a new permission checker that used for making mount table access
* control. This method will be invoked during each RPC call in router
* admin server.
*
* @return
* @throws AccessControlException
*/
public static RouterPermissionChecker getPermissionChecker()
throws AccessControlException {
if (!isPermissionEnabled) {
return null;
}
{code}
* There is a piece of commented code in
MountTableStoreImpl.RemoveMountTableEntryResponse
> RBF: Add ACL support for mount table
> ------------------------------------
>
> Key: HDFS-12895
> URL: https://issues.apache.org/jira/browse/HDFS-12895
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Affects Versions: 3.0.0-alpha3
> Reporter: Yiqun Lin
> Assignee: Yiqun Lin
> Labels: RBF
> Attachments: HDFS-12895.001.patch, HDFS-12895.002.patch,
> HDFS-12895.003.patch
>
>
> Adding ACL support for the Mount Table management. Following is the initial
> design of ACL control for the mount table management.
> Each mount table has its owner, group name and permission.
> The mount table permissions (FsPermission), here we use
> {{org.apache.hadoop.fs.permission.FsPermission}} to do the access check:
> # READ permission: you can read the mount table info.
> # WRITE permission: you can add remove or update this mount table info.
> # EXECUTE permission: This won't be used.
> The add command of mount table will be extended like this
> {noformat}
> $HADOOP_HOME/bin/hdfs dfsrouteradmin [-add <source> <nameservice>
> <destination> [-owner <owner>] [-group <group>] [-mode <mode>]]
> {noformat}
> *<mode> is UNIX-style permissions for the mount table. Permissions are
> specified in octal, e.g. 0755. By default, this is set to 0755*.
> If we want update the ACL info of specfied mount table, just execute add
> command again. This command not only adding for new mount talle but also
> updating mount table once it finds given mount table is existed.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
