Saketa Chalamchala created HDDS-10905:
-----------------------------------------
Summary: Implement getHomeDirectory in Ozone file system
implementations to return /user/<ugi user> in a secure cluster
Key: HDDS-10905
URL: https://issues.apache.org/jira/browse/HDDS-10905
Project: Apache Ozone
Issue Type: Improvement
Components: Ozone Filesystem
Reporter: Saketa Chalamchala
Assignee: Saketa Chalamchala
Services like Oozie use org.apache.hadoop.fs.FileSystem.getHomeDirectory() to
get user directory on a Filesystem to write temporary .staging files &
directories
By default, FileSystem.getHomeDirectory() returns the current process' user
name (eg. /user/oozie) even if the process has securely impersonated another
user(eg. testuser) using
[UserGroupInformation.doAs().|https://hadoop.apache.org/docs/r1.2.1/Secure_Impersonation.html]
OzoneFileSystem implementation must return the securely impersonated user's
home directory like in other FileSystem implementations like HDFS. This would
make managing Acls easier i.e., access to buckets like /user/testuser can be
limited to testuser only.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
