[
https://issues.apache.org/jira/browse/HDFS-6509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14075150#comment-14075150
]
Andrew Wang commented on HDFS-6509:
-----------------------------------
FSN and FSDir:
* You can just do {{isReservedRawName(src)}} in place rather than declaring a
new variable if it's not being reused. Very cheap function too.
* Lines longer than 80 chars
* Need <p/> to line break in a javadoc comment.
* I shy away from the term "namespace" for raw, can we just say "directory"? It
is just a directory after all.
* FSDirectory, not a fan of even mildly complicated ternary statements. Can we
turn these into ifs, or at least not inline them into method calls?
* Calling up to FSNamesystem from FSDirectory is a no-no, since we want to
separate FSD and FSN locks and promote a lock hierarchy. Can we do the
superuser check in FSNamesystem?
* Stripping the prefix off is scary because we lose context. At the very least,
we should log the original path in the audit log. Various log messages will be
more confusing. I think using the stripped path is okay in the edit log.
* Some javadocs needs updating for the new isRawPath parameter.
Test:
* Helper methods look duplicated from TestEncryptionZones. Let's extract the
common code somewhere like DFSTestUtil or GenericTestUtils.
* Why is the special casing necessary in TestDFSUtil for mkdirs? If mkdirs
behaves incorrectly on a raw path, then we should fix mkdirs. A normal user
could call mkdirs on a raw path after all.
* Can we name the test "TestReservedRawPaths"?
* The ".." tests, let's do some tests where the ".." is in between .reserved
and raw.
* There's a dfsadmin defined for the class, why create a new one in each test?
The dfsAdmin in testRelativePathnames also isn't used.
* Why can't we list /.reserved? Seems like it should work. Should also assert
the entry that we get back is the entry we expect, not just the length.
> create a /.reserved/raw filesystem namespace
> --------------------------------------------
>
> Key: HDFS-6509
> URL: https://issues.apache.org/jira/browse/HDFS-6509
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: security
> Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
> Reporter: Charles Lamb
> Assignee: Charles Lamb
> Attachments: HDFS-6509.001.patch,
> HDFS-6509distcpandDataatRestEncryption-2.pdf,
> HDFS-6509distcpandDataatRestEncryption-3.pdf,
> HDFS-6509distcpandDataatRestEncryption.pdf
>
>
> This is part of the work for making distcp work with Data at Rest Encryption.
> Per the attached document, create a /.reserved/raw HDFS filesystem namespace
> that allows access to the encrypted bytes of a file.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
