[
https://issues.apache.org/jira/browse/HDDS-7266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17611684#comment-17611684
]
Attila Doroszlai commented on HDDS-7266:
----------------------------------------
Thanks [~NeilJoshi] for the details. Is it reproducible with native authorizer?
> Ozone fs does not show directory exists if user does not have permission to
> access
> ----------------------------------------------------------------------------------
>
> Key: HDDS-7266
> URL: https://issues.apache.org/jira/browse/HDDS-7266
> Project: Apache Ozone
> Issue Type: Bug
> Reporter: Neil Joshi
> Priority: Major
>
> Using ozone fs with {*}_ranger authorizer_{*}, users having a deny policy for
> a directory that list the directory are not displayed when listing , ozone fs
> -ls /vol1. This is *_unexpected_* and can alarm the users that the directory
> and its contents have been lost.
> What *_is expected_* is showing the directory even if the user does have
> access permissions, but when the user accesses the directory it receives a
> permission error.
>
>
> {code:java}
> given volume: vol1, bucket: bucket1 and key: hosts,
> /vol1/bucket1/hosts
> when bucket1 is part of a ranger deny policy for a user what occurs is:
> $ozone sh key info /vol1/bucket1/hosts
> PERMISSION_DENIED User <user> doesn't have READ permission to access bucket
> Volume:vol1 Bucket:bucket1
> This is what is expected. For ozone fs accesses however what occurs is:
> $ozone fs -ls /vol1/bucket1/
> ls: /vol1/bucket1/: No such file or directory
> {code}
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
