[
https://issues.apache.org/jira/browse/HDFS-13035?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16335164#comment-16335164
]
Daryn Sharp commented on HDFS-13035:
------------------------------------
[~andrew.wang], need advice. The core requirement is we need to seamlessly
support raw encrypted data transfer by arbitrary users. (Webhdfs support is
just bonus points) Distcp already copies via reserved raw paths and then
transfers over xattrs including the EZ/FE xattrs. This only works for super
users but could be extended to support non-super users.
On another Jira we both shared concerns about allowing a user to alter the FE
info xattr but that's essentially required. What about relaxing the
restrictions for setting the FE info to: a) file must be in an EZ; b) file must
not have an existing FE info.
> Owner should be allowed to set xattr if not already set.
> --------------------------------------------------------
>
> Key: HDFS-13035
> URL: https://issues.apache.org/jira/browse/HDFS-13035
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: hdfs, namenode
> Reporter: Rushabh S Shah
> Priority: Major
>
> Motivation: This is needed to support encryption zones on WebhdfsFileSystem.
> For writing into EZ directory, webhdfs client will encrypt data on client
> side and will always write into /.reserved/raw/ directory so that datanode
> will not encrypt since its writing to /.reserved/raw directory.
> But then we have to somehow set crypto related x-attrs on the file.
> Currently only super user is allowed to set x-attrs.
> So I am proposing that the file owner(and superuser) should be allowed to set
> crypto related x-attrs if they are already not set.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
