[
https://issues.apache.org/jira/browse/HDFS-12895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16290401#comment-16290401
]
Yiqun Lin edited comment on HDFS-12895 at 12/14/17 11:57 AM:
-------------------------------------------------------------
bq. Not sure about user and group; show a default one?
[~elgoiri], you raised up a good point that we should be compatible with old
mount table entry (no-permissions). We can make these old entries with
superuser, supergroup, 755 mode as the default permissions when getting these
entries . But this will lead a incompatible change that non-supersuer won't
modify their old mount table entries. User should login as superuser first and
update their mount table permission infos. Then users can manage mount tables
correctly.
Other comments are addressed in update patch.
Attach the updated patch.
was (Author: linyiqun):
bq. Not sure about user and group; show a default one?
[~elgoiri], you raised a good point that we should be compatible with old
no-permissions mount table entry. We can make these old entries with super
user, supergroup, 755 mode as the default permissions. So this will lead a
incompatible change that non-supersuer won't modify its old mount table
entries. He should login as superuser first and update its mount table
permission infos.
Then he can manage his mount tables correctly.
Other comments are addressed in update patch.
Attach the updated patch.
> RBF: Add ACL support for mount table
> ------------------------------------
>
> Key: HDFS-12895
> URL: https://issues.apache.org/jira/browse/HDFS-12895
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Affects Versions: 3.0.0-alpha3
> Reporter: Yiqun Lin
> Assignee: Yiqun Lin
> Labels: RBF
> Attachments: HDFS-12895.001.patch, HDFS-12895.002.patch,
> HDFS-12895.003.patch, HDFS-12895.004.patch, HDFS-12895.005.patch,
> HDFS-12895.006.patch
>
>
> Adding ACL support for the Mount Table management. Following is the initial
> design of ACL control for the mount table management.
> Each mount table has its owner, group name and permission.
> The mount table permissions (FsPermission), here we use
> {{org.apache.hadoop.fs.permission.FsPermission}} to do the access check:
> # READ permission: you can read the mount table info.
> # WRITE permission: you can add remove or update this mount table info.
> # EXECUTE permission: This won't be used.
> The add command of mount table will be extended like this
> {noformat}
> $HADOOP_HOME/bin/hdfs dfsrouteradmin [-add <source> <nameservice>
> <destination> [-owner <owner>] [-group <group>] [-mode <mode>]]
> {noformat}
> *<mode> is UNIX-style permissions for the mount table. Permissions are
> specified in octal, e.g. 0755. By default, this is set to 0755*.
> If we want update the ACL info of specfied mount table, just execute add
> command again. This command not only adding for new mount talle but also
> updating mount table once it finds given mount table is existed.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
