[jira] [Commented] (HDFS-6730) Create a .RAW extended attribute namespace

Tue, 29 Jul 2014 16:31:17 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-6730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14078606#comment-14078606
 ] 

Andrew Wang commented on HDFS-6730:
-----------------------------------

Hi Charles, thanks for working on this, some review comments:

* The term "FS namespace" to refer to /.reserved/raw is confusing, would prefer 
"special directory" instead.
* I sympathize with all the javadoc updates. Since the same xattr stuff is copy 
pasted everywhere, there's a zillion places that need updating. I'd be in favor 
of ripping out all these specific mentions and centralizing the information 
somewhere, for instance the user documentation, or XAttr. This could happen in 
a JIRA on trunk/branch-2.
* Related to the previous, some methods like e.g. ClientProtocol#getXAttrs 
still don't mention the visibility rules for raw. If we rip these out, we won't 
need to update all of them too.
* XAttr user documentation could use an update

XAttrPermissionFilter and XAttr
* I'd prefer a slightly more general update to the class javadocs. We might use 
raw for compression in the future too, so I'd say something like "used for 
internal system attributes that sometimes need to be exposed...".
* Very minor, but "Only the super user may access them." would better be worded 
"These attributes can only be accessed by the superuser."

Test:
* Could we do multiple try/catches for the non-root user in a single doAs? 
There's a lot of c+p boilerplate right now.
* Can we test root listing the not-raw path, and verifying raw xattrs don't 
show up? Maybe I missed this.


> Create a .RAW extended attribute namespace
> ------------------------------------------
>
>                 Key: HDFS-6730
>                 URL: https://issues.apache.org/jira/browse/HDFS-6730
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode, security
>    Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>            Reporter: Charles Lamb
>            Assignee: Charles Lamb
>         Attachments: HDFS-6730.001.patch
>
>
> As part of the work to make distcp work with Data at Rest Encryption, we need 
> to create a RAW. extended attribute namespace. See the doc and comments in 
> HDFS-6509 for details. All of the encryption-related xattrs will move to this 
> namespace.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to