[
https://issues.apache.org/jira/browse/HDFS-5925?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898346#comment-13898346
]
Haohui Mai commented on HDFS-5925:
----------------------------------
You might want to explicitly say that the flags disables all ACL-related RPC:
{code}
<description>
Set to true to enable support for HDFS ACLs (Access Control Lists). By
default, ACLs are disabled. When ACLs are disabled, the NameNode rejects
- all attempts to set an ACL. An fsimage containing an ACL will cause the
- NameNode to abort during startup, and ACLs present in the edit log will
- cause the NameNode to abort. To transition from ACLs enabled to ACLs
- disabled, restart the NameNode with ACLs enabled, remove all ACLs, save a
- new checkpoint, and then restart the NameNode with ACLs disabled.
+ all attempts to set an ACL.
</description>
{code}
Other than that it looks good to me. I think {{testEditLog}} is covered by
{{TestFsImageWithAcl}}. It should be okay to remove it. +1.
> ACL configuration flag must only reject ACL API calls, not ACLs present in
> fsimage or edits.
> --------------------------------------------------------------------------------------------
>
> Key: HDFS-5925
> URL: https://issues.apache.org/jira/browse/HDFS-5925
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: namenode
> Affects Versions: HDFS ACLs (HDFS-4685)
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
> Attachments: HDFS-5925.1.patch
>
>
> In follow-up discussion on HDFS-5899, we decided that it would cause less
> harm to administrators if setting {{dfs.namenode.acls.enabled}} to false only
> causes ACL API calls to be rejected. Existing ACLs found in fsimage or edits
> will be loaded and enforced.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
