[
https://issues.apache.org/jira/browse/HDDS-10905?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Attila Doroszlai resolved HDDS-10905.
-------------------------------------
Fix Version/s: 1.5.0
Resolution: Implemented
> Implement getHomeDirectory in Ozone file system implementations to return
> /user/<ugi user> in a secure cluster
> --------------------------------------------------------------------------------------------------------------
>
> Key: HDDS-10905
> URL: https://issues.apache.org/jira/browse/HDDS-10905
> Project: Apache Ozone
> Issue Type: Improvement
> Components: Ozone Filesystem
> Reporter: Saketa Chalamchala
> Assignee: Saketa Chalamchala
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.5.0
>
>
> Services like Oozie use org.apache.hadoop.fs.FileSystem.getHomeDirectory() to
> get user directory on a Filesystem to write temporary .staging files &
> directories
> By default, FileSystem.getHomeDirectory() returns the current process' user
> name (eg. /user/oozie) even if the process has securely impersonated another
> user(eg. testuser) using
> [UserGroupInformation.doAs().|https://hadoop.apache.org/docs/r1.2.1/Secure_Impersonation.html]
> OzoneFileSystem implementation must return the securely impersonated user's
> home directory like in other FileSystem implementations like HDFS. This would
> make managing Acls easier i.e., access to buckets like /user/testuser can be
> limited to testuser only.
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
