[
https://issues.apache.org/jira/browse/HDDS-12856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17945162#comment-17945162
]
Wei-Chiu Chuang commented on HDDS-12856:
----------------------------------------
getfacl uses FileSystem.getAclStatus() and FileSystem throws
UnsupportedOperationException if the fs doesn't implement it.
And indeed we don't implement getAclStatus() (except for ozone httpfs). What
you described doesn't sounds right.
> ozone fs -getfacl doesn't work as intended on ofs://, should throw
> UnsupportedOperationException
> ------------------------------------------------------------------------------------------------
>
> Key: HDDS-12856
> URL: https://issues.apache.org/jira/browse/HDDS-12856
> Project: Apache Ozone
> Issue Type: Task
> Reporter: Siyao Meng
> Assignee: Siyao Meng
> Priority: Major
>
> {{ozone fs -getfacl}} always seem to output the same dummy ACL list. I
> expected it to throw *UnsupportedOperationException* or print the same set of
> ACLs as {{ozone sh key getacl}} :
> {code}
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "USER",
> "name" : "[email protected]",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> }, {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove an ACL and try getfacl again, no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=user:[email protected]:all
> ACL user:[email protected]:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove the group ACL and try getfacl again, still no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=group:om:all
> ACL group:om:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Note: It is known that *setfacl* doesn't work in Ozone (HDDS-729):
> {code}
> $ ozone fs -setfacl -m default:user:hive:rwx
> ofs://ozone1744783607/vol1/buck1/dir1/key1
> -setfacl: Fatal internal error
> java.lang.UnsupportedOperationException: RootedOzoneFileSystem doesn't
> support modifyAclEntries
> at
> org.apache.hadoop.fs.FileSystem.modifyAclEntries(FileSystem.java:3000)
> ...
> {code}
> I think we should just throw UnsupportedOperationException for ofs:// (and
> o3fs://) in this case, unless there are other compatibility concerns.
> cc [~weichiu] [~Sammi] [~swamirishi]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
