Abhiraj Butala created HDFS-6703:
------------------------------------
Summary: NFS: Files can be deleted from a read-only mount
Key: HDFS-6703
URL: https://issues.apache.org/jira/browse/HDFS-6703
Project: Hadoop HDFS
Issue Type: Bug
Components: nfs
Reporter: Abhiraj Butala
As reported by bigdatagroup <[email protected]> on hadoop-users mailing
list:
{code}
We exported our distributed filesystem with the following configuration
(Managed by Cloudera Manager over CDH 5.0.1):
<property>
<name>dfs.nfs.exports.allowed.hosts</name>
<value>192.168.0.153 ro</value>
</property>
As you can see, we expect the exported FS to be read-only, but in fact we are
able to delete files and folders stored on it (where the user has the correct
permissions), from the client machine that mounted the FS.
Other writing operations are correctly blocked.
Hadoop Version in use: 2.3.0+cdh5.0.1+567"
{code}
I was able to reproduce the issue on latest hadoop trunk. Though I could only
delete files, deleting directories were correctly blocked:
{code}
abutala@abutala-vBox:/mnt/hdfs$ mount | grep 127
127.0.1.1:/ on /mnt/hdfs type nfs (rw,vers=3,proto=tcp,nolock,addr=127.0.1.1)
abutala@abutala-vBox:/mnt/hdfs$ ls -lh
total 512
-rw-r--r-- 1 abutala supergroup 0 Jul 17 18:51 abc.txt
drwxr-xr-x 2 abutala supergroup 64 Jul 17 18:31 temp
abutala@abutala-vBox:/mnt/hdfs$ rm abc.txt
abutala@abutala-vBox:/mnt/hdfs$ ls
temp
abutala@abutala-vBox:/mnt/hdfs$ rm -r temp
rm: cannot remove `temp': Permission denied
abutala@abutala-vBox:/mnt/hdfs$ ls
temp
abutala@abutala-vBox:/mnt/hdfs$
{code}
Contents of hdfs-site.xml:
{code}
<configuration>
<property>
<name>dfs.nfs3.dump.dir</name>
<value>/tmp/.hdfs-nfs3</value>
</property>
<property>
<name>dfs.nfs.exports.allowed.hosts</name>
<value>localhost ro</value>
</property>
</configuration>
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
