[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lei (Eddy) Xu updated HDFS-13170: - Fix Version/s: (was: 3.0.2) 3.0.3 > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.0.0-alpha2 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Fix For: 3.1.0, 3.0.3 > > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch, > HDFS-13170.003.patch, HDFS-13170.004.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xiao Chen updated HDFS-13170: - Resolution: Fixed Hadoop Flags: Reviewed Fix Version/s: 3.0.2 3.1.0 Status: Resolved (was: Patch Available) Committed to trunk, branch-3.1 and branch-3.0. Thanks for the contribution [~sodonnell]! > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.0.0-alpha2 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Fix For: 3.1.0, 3.0.2 > > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch, > HDFS-13170.003.patch, HDFS-13170.004.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Attachment: HDFS-13170.004.patch > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.0.0-alpha2 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch, > HDFS-13170.003.patch, HDFS-13170.004.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Attachment: HDFS-13170.003.patch > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.0.0-alpha2 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch, > HDFS-13170.003.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xiao Chen updated HDFS-13170: - Affects Version/s: (was: 3.2.0) 3.0.0-alpha2 > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.0.0-alpha2 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Attachment: HDFS-13170.002.patch > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.2.0 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch, HDFS-13170.002.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Affects Version/s: 3.2.0 Status: Patch Available (was: Open) > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Affects Versions: 3.2.0 >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Attachment: HDFS-13170.001.patch > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Reporter: Stephen O'Donnell >Assignee: Stephen O'Donnell >Priority: Major > Attachments: HDFS-13170.001.patch > > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:r-- > user:user2:rwx #effective:r-- > group::r-x #effective:r-- > group:users:rwx #effective:r-- > mask::r-- > other::r-- > {code} > And if you enable this, to fix the bug above, the result is as you would > expect: > {code} > # file: /test_acl/file_from_shell > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx #effective:rw- > user:user2:rwx #effective:rw- > group::r-x #effective:r-- > group:users:rwx #effective:rw- > mask::rw- > other::r-- > {code} > If I then create a file over HTTPFS or webHDFS, the behaviour is not the same > as above: > {code} > # file: /test_acl/default_permissions > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx #effective:r-x > user:user2:rwx #effective:r-x > group::r-x > group:users:rwx #effective:r-x > mask::r-x > other::r-x > {code} > Notice the mask is set to r-x and this remove the write permission on the new > file. > As part of HDFS-6962 a new parameter was added to webhdfs > 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the > same behaviour as when a file is written from the CLI: > {code} > curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" > "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; > # file: /test_acl/unmasked__770 > # owner: user1 > # group: supergroup > user::rwx > user:user1:rwx > user:user2:rwx > group::r-x > group:users:rwx > mask::rwx > other::--- > {code} > However, this parameter was never ported to HTTPFS. > This Jira is to replicate the same changes to HTTPFS so this parameter is > available there too. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
[jira] [Updated] (HDFS-13170) Port webhdfs unmaskedpermission parameter to HTTPFS
[ https://issues.apache.org/jira/browse/HDFS-13170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stephen O'Donnell updated HDFS-13170: - Description: HDFS-6962 fixed a long standing issue where default ACLs are not correctly applied to files when they are created from the hadoop shell. With this change, if you create a file with default ACLs against the parent directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result is: {code} # file: /test_acl/file_from_shell_off # owner: user1 # group: supergroup user::rw- user:user1:rwx #effective:r-- user:user2:rwx #effective:r-- group::r-x #effective:r-- group:users:rwx #effective:r-- mask::r-- other::r-- {code} And if you enable this, to fix the bug above, the result is as you would expect: {code} # file: /test_acl/file_from_shell # owner: user1 # group: supergroup user::rw- user:user1:rwx #effective:rw- user:user2:rwx #effective:rw- group::r-x #effective:r-- group:users:rwx #effective:rw- mask::rw- other::r-- {code} If I then create a file over HTTPFS or webHDFS, the behaviour is not the same as above: {code} # file: /test_acl/default_permissions # owner: user1 # group: supergroup user::rwx user:user1:rwx #effective:r-x user:user2:rwx #effective:r-x group::r-x group:users:rwx #effective:r-x mask::r-x other::r-x {code} Notice the mask is set to r-x and this remove the write permission on the new file. As part of HDFS-6962 a new parameter was added to webhdfs 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the same behaviour as when a file is written from the CLI: {code} curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" "http://namenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; # file: /test_acl/unmasked__770 # owner: user1 # group: supergroup user::rwx user:user1:rwx user:user2:rwx group::r-x group:users:rwx mask::rwx other::--- {code} However, this parameter was never ported to HTTPFS. This Jira is to replicate the same changes to HTTPFS so this parameter is available there too. was: HDFS-6962 fixed a long standing issue where default ACLs are not correctly applied to files when they are created from the hadoop shell. With this change, if you create a file with default ACLs against the parent directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result is: {code} # file: /test_acl/file_from_shell_off # owner: user1 # group: supergroup user::rw- user:user1:rwx #effective:r-- user:user2:rwx #effective:r-- group::r-x #effective:r-- group:users:rwx #effective:r-- mask::r-- other::r-- {code} And if you enable this, to fix the bug above, the result is as you would expect: {code} # file: /test_acl/file_from_shell # owner: user1 # group: supergroup user::rw- user:user1:rwx #effective:rw- user:user2:rwx #effective:rw- group::r-x #effective:r-- group:users:rwx #effective:rw- mask::rw- other::r-- {code} If I then create a file over HTTPFS or webHDFS, the behaviour is not the same as above: {code} # file: /test_acl/default_permissions # owner: user1 # group: supergroup user::rwx user:user1:rwx #effective:r-x user:user2:rwx #effective:r-x group::r-x group:users:rwx #effective:r-x mask::r-x other::r-x {code} Notice the mask is set to r-x and this remove the write permission on the new file. As part of HDFS-6962 a new parameter was added to webhdfs 'unmaskedpermission'. By passing it to a webhdfs call, it can result in the same behaviour as when a file is written from the CLI: {code} curl -i -X PUT -T test.txt --header "Content-Type:application/octet-stream" "http://host-10-17-103-28.coe.cloudera.comnamenode:50075/webhdfs/v1/test_acl/unmasked__770?op=CREATE=user1=namenode:8020=false=770; # file: /test_acl/unmasked__770 # owner: user1 # group: supergroup user::rwx user:user1:rwx user:user2:rwx group::r-x group:users:rwx mask::rwx other::--- {code} However, this parameter was never ported to HTTPFS. This Jira is to replicate the same changes to HTTPFS so this parameter is available there too. > Port webhdfs unmaskedpermission parameter to HTTPFS > --- > > Key: HDFS-13170 > URL: https://issues.apache.org/jira/browse/HDFS-13170 > Project: Hadoop HDFS > Issue Type: Improvement >Reporter: Stephen O'Donnell >Priority: Major > > HDFS-6962 fixed a long standing issue where default ACLs are not correctly > applied to files when they are created from the hadoop shell. > With this change, if you create a file with default ACLs against the parent > directory, with dfs.namenode.posix.acl.inheritance.enabled=false, the result > is: > {code} > # file: /test_acl/file_from_shell_off > # owner: user1 > # group: supergroup > user::rw- > user:user1:rwx