[
https://issues.apache.org/jira/browse/HDDS-4335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17391956#comment-17391956
]
Shashikant Banerjee commented on HDDS-4335:
-------------------------------------------
The issue is very specific to Ozone FS not ozone shell. The Fs interface needs
to translate hadoop native acls to Ozone native acls to make it replicate the
behaviour similar to what hdfs does. This will specifically will come into
picture when we try replication using "distcp" from hdfs cluster to ozone
cluster where you want to preserve the permissions/acls during the replication
flow.
Its not an issue i agree as per the current design but an improvement for such
requirements.
> No user access checks in Ozone FS
> ---------------------------------
>
> Key: HDDS-4335
> URL: https://issues.apache.org/jira/browse/HDDS-4335
> Project: Apache Ozone
> Issue Type: Bug
> Reporter: Shashikant Banerjee
> Assignee: Neil Joshi
> Priority: Major
>
> Currently, a dir/file created with hdfs user cab be deleted by any user.
> {code:java}
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone
> fs -mkdir o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> Found 1 items
> drwxrwxrwx - hdfs hdfs 0 2020-10-12 02:51
> o3fs://bucket1.vol1.ozone1/data/sandbox/poc/teragen
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ ozone fs -rm -r
> o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> 20/10/12 02:52:16 INFO Configuration.deprecation: io.bytes.per.checksum is
> deprecated. Instead, use dfs.bytes-per-checksum
> 20/10/12 02:52:16 INFO ozone.BasicOzoneFileSystem: Move to trash is disabled
> for o3fs, deleting instead: o3fs://bucket1.vol1.ozone1/data/sandbox/poc.
> Files or directories will NOT be retained in trash. Ignore the following
> TrashPolicyDefault message, if any.
> 20/10/12 02:52:16 INFO fs.TrashPolicyDefault: Moved:
> 'o3fs://bucket1.vol1.ozone1/data/sandbox/poc' to trash at:
> /.Trash/sbanerjee/Current/data/sandbox/poc1602496336480
> [sbanerjee@vd1308 MapReduce-Performance_Testing-master]$ sudo -u hdfs ozone
> fs -ls o3fs://bucket1.vol1.ozone1/data/sandbox/poc/
> ls: `o3fs://bucket1.vol1.ozone1/data/sandbox/poc/': No such file or directory
> {code}
> Whereas, the same seuquence fails with permission denied error in HDFS.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
