[
https://issues.apache.org/jira/browse/HDDS-3402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Arpit Agarwal resolved HDDS-3402.
---------------------------------
Resolution: Duplicate
> Use proper acls for sub directories created during CreateDirectory operation
> ----------------------------------------------------------------------------
>
> Key: HDDS-3402
> URL: https://issues.apache.org/jira/browse/HDDS-3402
> Project: Apache Ozone
> Issue Type: Bug
> Components: Ozone Manager
> Reporter: Bharat Viswanadham
> Assignee: Ashish Kumar
> Priority: Blocker
> Labels: TriagePending
>
> Use proper ACLS for subdirectories created during create directory operation.
> All subdirectories/missing directories should inherit the ACLS from the
> bucket if ancestors are not present in key table. If present should inherit
> the ACLS from its ancestor.
> Additionally, keys and dirs directly under a bucket should inherit ACLs from
> their parent bucket by default. e.g. Ranger allow policy on a *bucket* should
> grant access to keys and dirs in it as well (when not explicitly denied by
> other policies). Currently this is not the case: in Ranger an additional
> key-level policy has to be added, for example, for clients to create new
> *keys* in the bucket, even when there are allow policies on the parent bucket
> and volume. (LEGACY/OBS buckets doesn't require this extra key-level policy.
> And this deviation leads to different ACL behavior between FSO and LEGACY/OBS
> buckets.)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
