[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Allen Wittenauer updated HDFS-8312: --- Release Note: Permissions are now checked when moving a file to Trash. > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.2 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-branch-2.8.1.001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Allen Wittenauer updated HDFS-8312: --- Release Note: (was: HDFS-8312. Added permission check for moving file to Trash. (Weiwei Yang via Eric Yang)) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.2 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-branch-2.8.1.001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Akira Ajisaka updated HDFS-8312: Fix Version/s: (was: 2.8.3) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.2 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-branch-2.8.1.001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brahma Reddy Battula updated HDFS-8312: --- Fix Version/s: 2.8.3 > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.2, 2.8.3 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-branch-2.8.1.001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-branch-2.8.1.001.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-branch-2.8.1.001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brahma Reddy Battula updated HDFS-8312: --- Fix Version/s: 2.8.1 2.7.4 > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brahma Reddy Battula updated HDFS-8312: --- Labels: (was: release-blocker) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 2.7.4, 3.0.0-alpha1, 2.8.1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brahma Reddy Battula updated HDFS-8312: --- Attachment: HDFS-8312-branch-2.7.patch Uploading the branch-2.7 patch.Kindly Review. > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Labels: release-blocker > Fix For: 2.9.0, 3.0.0-alpha1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.7.patch, HDFS-8312-branch-2.8.01.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Konstantin Shvachko updated HDFS-8312: -- Labels: release-blocker (was: ) Target Version/s: 2.7.4 > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Labels: release-blocker > Fix For: 2.9.0, 3.0.0-alpha1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.8.01.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-branch-2.8.01.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0, 3.0.0-alpha1 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-branch-2.8.01.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Eric Yang updated HDFS-8312: Resolution: Fixed Fix Version/s: 2.9.0 Release Note: HDFS-8312. Added permission check for moving file to Trash. (Weiwei Yang via Eric Yang) Status: Resolved (was: Patch Available) +1 looks good. I just committed this to branch-2 and trunk. Thank you, Weiwei. > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Fix For: 2.9.0 > > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: (was: HDFS-8312-005.patch) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-005.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Status: Patch Available (was: In Progress) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.7.2, 2.6.0, 2.2.0 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Status: In Progress (was: Patch Available) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.7.2, 2.6.0, 2.2.0 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-005.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-005.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-004.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-004.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-003.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-003.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Status: Patch Available (was: In Progress) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.7.2, 2.6.0, 2.2.0 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-002.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-002.patch, > HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Status: In Progress (was: Patch Available) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.7.2, 2.6.0, 2.2.0 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Status: Patch Available (was: In Progress) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.7.2, 2.6.0, 2.2.0 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-001.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-001.patch, HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Priority: Critical (was: Major) > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang >Priority: Critical > Attachments: HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Attachment: HDFS-8312-testcase.patch > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang > Attachments: HDFS-8312-testcase.patch > > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Weiwei Yang updated HDFS-8312: -- Affects Version/s: 2.7.2 > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0, 2.7.2 >Reporter: Eric Yang >Assignee: Weiwei Yang > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tsz Wo Nicholas Sze updated HDFS-8312: -- Component/s: (was: HDFS) fs > Trash does not descent into child directories to check for permissions > -- > > Key: HDFS-8312 > URL: https://issues.apache.org/jira/browse/HDFS-8312 > Project: Hadoop HDFS > Issue Type: Bug > Components: fs, security >Affects Versions: 2.2.0, 2.6.0 >Reporter: Eric Yang > > HDFS trash does not descent into child directory to check if user has > permission to delete files. For example: > Run the following command to initialize directory structure as super user: > {code} > hadoop fs -mkdir /BSS/level1 > hadoop fs -mkdir /BSS/level1/level2 > hadoop fs -mkdir /BSS/level1/level2/level3 > hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt > hadoop fs -chown -R user1:users /BSS/level1 > hadoop fs -chown -R 750 /BSS/level1 > hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt > hadoop fs -chmod 775 /BSS > {code} > Change to a normal user called user2. > When trash is enabled: > {code} > sudo su user2 - > hadoop fs -rm -r /BSS/level1 > 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 3600 minutes, Emptier interval = 0 minutes. > Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: > hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current > {code} > When trash is disabled: > {code} > /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r > /BSS/level1 > 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: > Deletion interval = 0 minutes, Emptier interval = 0 minutes. > rm: Permission denied: user=user2, access=ALL, > inode="/BSS/level1":user1:users:drwxr-x--- > {code} > There is inconsistency between trash behavior and delete behavior. When > trash is enabled, files owned by user1 is deleted by user2. It looks like > trash does not recursively validate if the child directory files can be > removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kiran Kumar M R updated HDFS-8312: -- Assignee: (was: Kiran Kumar M R) Trash does not descent into child directories to check for permissions -- Key: HDFS-8312 URL: https://issues.apache.org/jira/browse/HDFS-8312 Project: Hadoop HDFS Issue Type: Bug Components: HDFS, security Affects Versions: 2.2.0, 2.6.0 Reporter: Eric Yang HDFS trash does not descent into child directory to check if user has permission to delete files. For example: Run the following command to initialize directory structure as super user: {code} hadoop fs -mkdir /BSS/level1 hadoop fs -mkdir /BSS/level1/level2 hadoop fs -mkdir /BSS/level1/level2/level3 hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt hadoop fs -chown -R user1:users /BSS/level1 hadoop fs -chown -R 750 /BSS/level1 hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt hadoop fs -chmod 775 /BSS {code} Change to a normal user called user2. When trash is enabled: {code} sudo su user2 - hadoop fs -rm -r /BSS/level1 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion interval = 3600 minutes, Emptier interval = 0 minutes. Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current {code} When trash is disabled: {code} /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r /BSS/level1 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion interval = 0 minutes, Emptier interval = 0 minutes. rm: Permission denied: user=user2, access=ALL, inode=/BSS/level1:user1:users:drwxr-x--- {code} There is inconsistency between trash behavior and delete behavior. When trash is enabled, files owned by user1 is deleted by user2. It looks like trash does not recursively validate if the child directory files can be removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HDFS-8312) Trash does not descent into child directories to check for permissions
[ https://issues.apache.org/jira/browse/HDFS-8312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Takanobu Asanuma updated HDFS-8312: --- Assignee: (was: Takanobu Asanuma) Trash does not descent into child directories to check for permissions -- Key: HDFS-8312 URL: https://issues.apache.org/jira/browse/HDFS-8312 Project: Hadoop HDFS Issue Type: Bug Components: HDFS, security Affects Versions: 2.2.0, 2.6.0 Reporter: Eric Yang HDFS trash does not descent into child directory to check if user has permission to delete files. For example: Run the following command to initialize directory structure as super user: {code} hadoop fs -mkdir /BSS/level1 hadoop fs -mkdir /BSS/level1/level2 hadoop fs -mkdir /BSS/level1/level2/level3 hadoop fs -put /tmp/appConfig.json /BSS/level1/level2/level3/testfile.txt hadoop fs -chown user1:users /BSS/level1/level2/level3/testfile.txt hadoop fs -chown -R user1:users /BSS/level1 hadoop fs -chown -R 750 /BSS/level1 hadoop fs -chmod -R 640 /BSS/level1/level2/level3/testfile.txt hadoop fs -chmod 775 /BSS {code} Change to a normal user called user2. When trash is enabled: {code} sudo su user2 - hadoop fs -rm -r /BSS/level1 15/05/01 16:51:20 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion interval = 3600 minutes, Emptier interval = 0 minutes. Moved: 'hdfs://bdvs323.svl.ibm.com:9000/BSS/level1' to trash at: hdfs://bdvs323.svl.ibm.com:9000/user/user2/.Trash/Current {code} When trash is disabled: {code} /opt/ibm/biginsights/IHC/bin/hadoop fs -Dfs.trash.interval=0 -rm -r /BSS/level1 15/05/01 16:58:31 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion interval = 0 minutes, Emptier interval = 0 minutes. rm: Permission denied: user=user2, access=ALL, inode=/BSS/level1:user1:users:drwxr-x--- {code} There is inconsistency between trash behavior and delete behavior. When trash is enabled, files owned by user1 is deleted by user2. It looks like trash does not recursively validate if the child directory files can be removed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)