[
https://issues.apache.org/jira/browse/HDDS-4655?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chung En Lee updated HDDS-4655:
-------------------------------
Target Version/s: 2.2.0 (was: 1.2.0)
2.2.0 (was: 2.1.0)
<<Bulk update>>
Apache Ozone 2.1.0 release is in progress. I'm updating all unresolved jiras
targeting 2.1.0 to retarget 2.2.0.
> New Native Ozone Authorizer ACL model
> -------------------------------------
>
> Key: HDDS-4655
> URL: https://issues.apache.org/jira/browse/HDDS-4655
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Xiaoyu Yao
> Assignee: Xiaoyu Yao
> Priority: Major
>
> The current Native Ozone Authorize has several limitations for recursive
> operations
> 1. It does not support efficient recursive ACL set
> Hive uses a recursive ACL set to change the directory(table) ACLs. ONA v1
> does not support this. As a result, this has been translated into recursive
> setAcl call individually, which is quite slow compared with HDFS.
> 2. It does not support efficient recursive ACL check
> This is required for rename/delete operations when the Trash feature is
> enabled on Ozone HCFS: ofs or o3fs.
> This ticket is opened to improve the native ozone authorizer for these
> recursive operations by deprecating per key ACL support. The new model will
> allow default ACLs on volume/bucket/prefix levels.
> Instead of populate ACCESS ACL upon set, the ACCESS ACL will always
> determined at runtime based on the DEFAULT ACLs of its parent.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
