[
https://issues.apache.org/jira/browse/HDFS-14619?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Siyao Meng updated HDFS-14619:
------------------------------
Description:
When setting a directory's permission with HDFS shell chmod, it changes the ACL
mask instead of the permission bits:
{code:bash}
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx #effective:r-x
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u hdfs hdfs dfs -chmod 777 /user/hive/warehouse/exttablename/key=1/
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx
group::rwx
mask::rwx
other::rwx
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u hdfs hdfs dfs -chmod 755 /user/hive/warehouse/exttablename/key=1/
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx #effective:r-x
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u impala hdfs dfs -touch /user/hive/warehouse/exttablename/key=1/file
touch: Permission denied: user=impala, access=WRITE,
inode="/user/hive/warehouse/exttablename/key=1/file":hive:hive:drwxr-xr-x
{code}
The cluster has dfs.namenode.acls.enabled=true and
dfs.namenode.posix.acl.inheritance.enabled=true.
As far as I understand, the chmod should change the permission bits instead of
the ACL mask. CMIIW
Might be related to HDFS-14517. [~pifta]
was:
When setting a directory's permission with HDFS shell chmod, it changes the ACL
mask instead of the permission bits:
{code:bash}
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx #effective:r-x
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u hdfs hdfs dfs -chmod 777 /user/hive/warehouse/exttablename/key=1/
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx
group::rwx
mask::rwx
other::rwx
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u hdfs hdfs dfs -chmod 755 /user/hive/warehouse/exttablename/key=1/
$ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
# file: /user/hive/warehouse/exttablename/key=1
# owner: hive
# group: hive
user::rwx
user:impala:rwx #effective:r-x
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:user:impala:rwx
default:group::rwx
default:mask::rwx
default:other::rwx
$ sudo -u impala hdfs dfs -touch /user/hive/warehouse/exttablename/key=1/file
touch: Permission denied: user=impala, access=WRITE,
inode="/user/hive/warehouse/exttablename/key=1/file":hive:hive:drwxr-xr-x
{code}
The cluster has dfs.namenode.acls.enabled=true and
dfs.namenode.posix.acl.inheritance.enabled=true.
Might be related to HDFS-14517. [~pifta]
> chmod changes the mask when ACL is enabled
> ------------------------------------------
>
> Key: HDFS-14619
> URL: https://issues.apache.org/jira/browse/HDFS-14619
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: hdfs
> Affects Versions: 3.1.2
> Reporter: Siyao Meng
> Priority: Major
>
> When setting a directory's permission with HDFS shell chmod, it changes the
> ACL mask instead of the permission bits:
> {code:bash}
> $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
> # file: /user/hive/warehouse/exttablename/key=1
> # owner: hive
> # group: hive
> user::rwx
> user:impala:rwx #effective:r-x
> group::rwx #effective:r-x
> mask::r-x
> other::r-x
> default:user::rwx
> default:user:impala:rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> $ sudo -u hdfs hdfs dfs -chmod 777 /user/hive/warehouse/exttablename/key=1/
> $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
> # file: /user/hive/warehouse/exttablename/key=1
> # owner: hive
> # group: hive
> user::rwx
> user:impala:rwx
> group::rwx
> mask::rwx
> other::rwx
> default:user::rwx
> default:user:impala:rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> $ sudo -u hdfs hdfs dfs -chmod 755 /user/hive/warehouse/exttablename/key=1/
> $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
> # file: /user/hive/warehouse/exttablename/key=1
> # owner: hive
> # group: hive
> user::rwx
> user:impala:rwx #effective:r-x
> group::rwx #effective:r-x
> mask::r-x
> other::r-x
> default:user::rwx
> default:user:impala:rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> $ sudo -u impala hdfs dfs -touch /user/hive/warehouse/exttablename/key=1/file
> touch: Permission denied: user=impala, access=WRITE,
> inode="/user/hive/warehouse/exttablename/key=1/file":hive:hive:drwxr-xr-x
> {code}
> The cluster has dfs.namenode.acls.enabled=true and
> dfs.namenode.posix.acl.inheritance.enabled=true.
> As far as I understand, the chmod should change the permission bits instead
> of the ACL mask. CMIIW
> Might be related to HDFS-14517. [~pifta]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
