[
https://issues.apache.org/jira/browse/HDFS-6556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yi Liu updated HDFS-6556:
-------------------------
Description:
After discuss with Uma, we should refine setting permissions of {{user}} and
{{trusted}} namespace xattrs.
*1.* For {{user}} namespace xattrs, In HDFS-6374, says "setXAttr should require
the user to be the owner of the file or directory", we have a bit
misunderstanding. It actually is:
{quote}
The access permissions for user attributes are defined by the file permission
bits. only regular files and directories can have extended attributes. For
sticky directories, only the owner and privileged user can write attributes.
{quote}
We can refer to linux source code in
http://lxr.free-electrons.com/source/fs/xattr.c?v=2.6.35
I also check in linux, it's controlled by the file permission bits for regular
files and directories (not sticky).
*2.* For {{trusted}} namespace, currently we require the user should be owner
and superuser. Actually superuser is enough.
was:
We should refine setting permissions of {{user}} and {{trusted}} namespace
xattrs.
*1.* For {{user}} namespace xattrs, In HDFS-6374, says "setXAttr should require
the user to be the owner of the file or directory", we have a bit
misunderstanding. It actually is:
{quote}
The access permissions for user attributes are defined by the file permission
bits. only regular files and directories can have extended attributes. For
sticky directories, only the owner and privileged user can write attributes.
{quote}
We can refer to linux source code in
http://lxr.free-electrons.com/source/fs/xattr.c?v=2.6.35
I also check in linux, it's controlled by the file permission bits for regular
files and directories (not sticky).
*2.* For {{trusted}} namespace, currently we require the user should be owner +
superuser. Actually superuser is enough.
> Refine XAttr permissions
> ------------------------
>
> Key: HDFS-6556
> URL: https://issues.apache.org/jira/browse/HDFS-6556
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 3.0.0
> Reporter: Yi Liu
> Assignee: Yi Liu
> Fix For: 2.5.0
>
>
> After discuss with Uma, we should refine setting permissions of {{user}} and
> {{trusted}} namespace xattrs.
> *1.* For {{user}} namespace xattrs, In HDFS-6374, says "setXAttr should
> require the user to be the owner of the file or directory", we have a bit
> misunderstanding. It actually is:
> {quote}
> The access permissions for user attributes are defined by the file permission
> bits. only regular files and directories can have extended attributes. For
> sticky directories, only the owner and privileged user can write attributes.
> {quote}
> We can refer to linux source code in
> http://lxr.free-electrons.com/source/fs/xattr.c?v=2.6.35
> I also check in linux, it's controlled by the file permission bits for
> regular files and directories (not sticky).
> *2.* For {{trusted}} namespace, currently we require the user should be owner
> and superuser. Actually superuser is enough.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
