[
https://issues.apache.org/jira/browse/HDFS-15979?focusedWorklogId=586666&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-586666
]
ASF GitHub Bot logged work on HDFS-15979:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 21/Apr/21 15:20
Start Date: 21/Apr/21 15:20
Worklog Time Spent: 10m
Work Description: daryn-sharp commented on a change in pull request #2919:
URL: https://github.com/apache/hadoop/pull/2919#discussion_r617648020
##########
File path:
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestNestedEncryptionZones.java
##########
@@ -210,6 +214,80 @@ public void testNestedEZWithRoot() throws Exception {
"File not in trash : " + nestedTrashFile, fs.exists(nestedTrashFile));
}
+ @Test(timeout = 60000)
+ public void testRenameBetweenEncryptionZones() throws Exception {
+ String key1 = TOP_EZ_KEY;
+ String key2 = NESTED_EZ_KEY;
+ Path top = new Path("/dir");
+ Path ez1 = new Path(top, "ez1");
+ Path ez2 = new Path(top, "ez2");
+ Path ez3 = new Path(top, "ez3");
+ Path p = new Path(ez1, "file");
+ fs.mkdirs(ez1, FsPermission.getDirDefault());
+ fs.mkdirs(ez2, FsPermission.getDirDefault());
+ fs.mkdirs(ez3, FsPermission.getDirDefault());
+ fs.createEncryptionZone(ez1, key1);
+ fs.createEncryptionZone(ez2, key2);
+ fs.createEncryptionZone(ez3, key1);
+ fs.create(p).close();
+
+ // cannot rename between 2 EZs with different keys.
+ try {
+ fs.rename(p, new Path(ez2, "file"));
+ } catch (RemoteException re) {
+ Assert.assertEquals(
+ p + " can't be moved from encryption zone " + ez1 +
+ " to encryption zone " + ez2 + ".",
+ re.getMessage().split("\n")[0]);
+ }
+ // can rename between 2 EZs with the same key.
+ Assert.assertTrue(fs.rename(p, new Path(ez3, "file")));
+ }
+
+ @Test(timeout = 60000)
+ public void testRemoveEncryptionZoneWithAncestorKey() throws Exception {
+ removeEZDirUnderAncestor(TOP_EZ_KEY);
+ }
+
+ @Test(timeout = 60000)
+ public void testRemoveEncryptionZoneWithNoAncestorKey() throws Exception {
+ removeEZDirUnderAncestor(null);
+ }
+
+ private void removeEZDirUnderAncestor(String parentKey) throws Exception {
Review comment:
AFAIK, nested EZs have always been supported or at least for a long time
– otherwise TestNestedEncryptionZones would not already exist, right? :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 586666)
Time Spent: 50m (was: 40m)
> Move within EZ fails and cannot remove nested EZs
> -------------------------------------------------
>
> Key: HDFS-15979
> URL: https://issues.apache.org/jira/browse/HDFS-15979
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: encryption, hdfs
> Reporter: Ahmed Hussein
> Assignee: Ahmed Hussein
> Priority: Major
> Labels: pull-request-available
> Attachments: HDFS-15979.001.patch
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> Moving between EZ directories should work fine if the EZ key for the
> directories is identical. If the key is name identical then no
> decrypt/re-encrypt is necessary.
> However, the rename operation checks more than the key name. It compares the
> inode number (unique identifier) of the source and dest dirs which will never
> be the same for 2 dirs resulting in the cited failure. Note it also
> incorrectly compares the key version.
> A related issue is if an ancestor of a EZ share the same key (ie.
> /projects/foo and /projects/foo/bar/blah both use same key), files also
> cannot be moved from the child to a parent dir, plus the child EZ cannot be
> removed even though it's now covered by the ancestor.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
