[
https://issues.apache.org/jira/browse/HDDS-12856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Siyao Meng updated HDDS-12856:
------------------------------
Description:
{{ozone fs -getfacl}} always seem to output the same dummy ACL list. I expected
it to throw *UnsupportedOperationException* or print the same set of ACLs as
{{ozone sh key getacl}} :
{code}
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ {
"type" : "USER",
"name" : "[email protected]",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
}, {
"type" : "GROUP",
"name" : "om",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
} ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Remove an ACL and try getfacl again, no change in output:
{code}
$ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
--acls=user:[email protected]:all
ACL user:[email protected]:la[ACCESS] removed successfully.
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ {
"type" : "GROUP",
"name" : "om",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
} ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Remove the group ACL and try getfacl again, still no change in output:
{code}
$ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
--acls=group:om:all
ACL group:om:la[ACCESS] removed successfully.
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Note: It is known that *setfacl* doesn't work in Ozone (HDDS-729):
{code}
$ ozone fs -setfacl -m default:user:hive:rwx
ofs://ozone1744783607/vol1/buck1/dir1/key1
-setfacl: Fatal internal error
java.lang.UnsupportedOperationException: RootedOzoneFileSystem doesn't support
modifyAclEntries
at
org.apache.hadoop.fs.FileSystem.modifyAclEntries(FileSystem.java:3000)
...
{code}
I think we should just throw UnsupportedOperationException for ofs:// (and
o3fs://) in this case, unless there are other compatibility concerns.
cc [~weichiu] [~Sammi] [~swamirishi]
was:
{{ozone fs -getfacl}} always seem to output the same dummy ACL list. I expected
it to throw *UnsupportedOperationException* or print the same set of ACLs as
{{ozone sh key getacl}}
{code}
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ {
"type" : "USER",
"name" : "[email protected]",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
}, {
"type" : "GROUP",
"name" : "om",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
} ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Remove an ACL and try getfacl again, no change in output:
{code}
$ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
--acls=user:[email protected]:all
ACL user:[email protected]:la[ACCESS] removed successfully.
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ {
"type" : "GROUP",
"name" : "om",
"aclScope" : "ACCESS",
"aclList" : [ "ALL" ]
} ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Remove the group ACL and try getfacl again, still no change in output:
{code}
$ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
--acls=group:om:all
ACL group:om:la[ACCESS] removed successfully.
$ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
[ ]
$ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
# file: ofs://ozone1744783607/vol1/buck1/dir1/key1
# owner: om
# group: om
user::rw-
group::rw-
other::rw-
{code}
Note: It is known that *setfacl* doesn't work in Ozone (HDDS-729):
{code}
$ ozone fs -setfacl -m default:user:hive:rwx
ofs://ozone1744783607/vol1/buck1/dir1/key1
-setfacl: Fatal internal error
java.lang.UnsupportedOperationException: RootedOzoneFileSystem doesn't support
modifyAclEntries
at
org.apache.hadoop.fs.FileSystem.modifyAclEntries(FileSystem.java:3000)
...
{code}
I think we should just throw UnsupportedOperationException for ofs:// (and
o3fs://) in this case, unless there are other compatibility concerns
cc [~weichiu] [~Sammi] [~swamirishi]
> ozone fs -getfacl doesn't work as intended on ofs://, should throw
> UnsupportedOperationException
> ------------------------------------------------------------------------------------------------
>
> Key: HDDS-12856
> URL: https://issues.apache.org/jira/browse/HDDS-12856
> Project: Apache Ozone
> Issue Type: Task
> Reporter: Siyao Meng
> Assignee: Siyao Meng
> Priority: Major
>
> {{ozone fs -getfacl}} always seem to output the same dummy ACL list. I
> expected it to throw *UnsupportedOperationException* or print the same set of
> ACLs as {{ozone sh key getacl}} :
> {code}
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "USER",
> "name" : "[email protected]",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> }, {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove an ACL and try getfacl again, no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=user:[email protected]:all
> ACL user:[email protected]:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove the group ACL and try getfacl again, still no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=group:om:all
> ACL group:om:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Note: It is known that *setfacl* doesn't work in Ozone (HDDS-729):
> {code}
> $ ozone fs -setfacl -m default:user:hive:rwx
> ofs://ozone1744783607/vol1/buck1/dir1/key1
> -setfacl: Fatal internal error
> java.lang.UnsupportedOperationException: RootedOzoneFileSystem doesn't
> support modifyAclEntries
> at
> org.apache.hadoop.fs.FileSystem.modifyAclEntries(FileSystem.java:3000)
> ...
> {code}
> I think we should just throw UnsupportedOperationException for ofs:// (and
> o3fs://) in this case, unless there are other compatibility concerns.
> cc [~weichiu] [~Sammi] [~swamirishi]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
