[jira] [Commented] (HDFS-5673) Implement logic for modification of ACLs.

Mon, 23 Dec 2013 14:12:21 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-5673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13855967#comment-13855967
 ] 

Chris Nauroth commented on HDFS-5673:
-------------------------------------

Actually, the required functionality has a lot of tricky edge cases.  Most of 
what's here is required functionality rather than an attempt to optimize the 
ACL.  Duplicate entries must cause an error.  A named mask or named other entry 
must cause an error.  A mask must be calculated automatically only if required, 
and only if there was no mask provided manually in the ACL spec, and this 
decision is distinct per scope.  Deletion of mask where it is required must 
cause an error.  If there is a default ACL, then the entries for owner, group 
and other must be present.  However, they may be copied from the access ACL if 
unspecified, but this should only be done if at least one default ACL entry has 
been provided.

It sounds like the gist is that you want to see if multiple iterations can make 
it more readable.  We could potentially try something like: 1) merge, 2) insert 
access mask if needed, 3) copy default entries if needed, 4) insert default 
mask if needed, 5) sort, 6) validate, where each of those 6 steps is a separate 
iteration.  I'll try that.

The nice thing is that we have a big test suite that I've already validated 
against Linux setfacl.  There is relatively little risk in experimenting with 
different approaches in the code.

> Implement logic for modification of ACLs.
> -----------------------------------------
>
>                 Key: HDFS-5673
>                 URL: https://issues.apache.org/jira/browse/HDFS-5673
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-5673.1.patch, HDFS-5673.2.patch, HDFS-5673.3.patch
>
>
> This patch will include the core logic for modification of ACLs.  This 
> includes support for all user-facing APIs that modify ACLs.  This will cover 
> access ACLs, default ACLs, automatic mask calculations, automatic inference 
> of unprovided default ACL entries, and validation to prevent creation of an 
> invalid ACL.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to