Issue Details (XML | Word | Printable)

Key: HADOOP-3953
Type: Improvement Improvement
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Jakob Homan
Reporter: Koji Noguchi
Votes: 0
Watchers: 6
Operations

If you were logged in you would be able to see more operations.
Hadoop Common

Sticky bit for directories

Created: 14/Aug/08 05:07 PM   Updated: 29/Sep/09 05:17 PM
Return to search
Component/s: None
Affects Version/s: None
Fix Version/s: 0.21.0

Time Tracking:
Not Specified

File Attachments:
  File Name Date Attached Attached By Size
Text File Licensed for inclusion in ASF works HADOOP-3953.patch 2009-01-13 11:39 PM Jakob Homan 39 kB
Text File Licensed for inclusion in ASF works HADOOP-3953.patch 2009-01-08 12:44 AM Jakob Homan 42 kB
Text File Licensed for inclusion in ASF works HADOOP-3953.patch 2009-01-05 07:51 PM Jakob Homan 62 kB
Text File Licensed for inclusion in ASF works HADOOP-3953.patch 2009-01-05 06:56 PM Jakob Homan 55 kB
Issue Links:
Reference
 

Hadoop Flags: Reviewed, Incompatible change
Release Note: UNIX-style sticky bit implemented for HDFS directories. When the sticky bit is set on a directory, files in that directory may be deleted or renamed only by a superuser or the file's owner.
Resolution Date: 15/Jan/09 01:41 AM


 Description  « Hide
Our users (especially Pig) heavily use /tmp for temporary storage.
Permission are set to 777.

However, this means any users can rename and also remove (by moving to .Trash) other users directories and files.
It would be nice if we can have a sticky bit like unix.

Copy&Pasted from manpage.

STICKY DIRECTORIES
When the sticky bit is set on a directory, files in that directory may be unlinked or renamed only by
root or their owner. Without the sticky bit, anyone able to write to the directory can delete or rename
files. The sticky bit is commonly found on directories, such as /tmp, that are world-writable.

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Hemanth Yamijala added a comment - 15/Aug/08 01:29 AM
+1. When working on HOD, it seemed like this would be very useful in some cases where we wanted shared space for all users.

[ Permlink | « Hide ]
Allen Wittenauer added a comment - 22/Sep/08 05:31 PM
We just had a user wipe out /tmp.

When are we getting this capability?


[ Permlink | « Hide ]
Jakob Homan added a comment - 04/Dec/08 09:19 PM
To keep Unix-like semantics, it seems reasonable to be able to set the sticky bit on a file (compared to a directory), but that doing so will have no effect on the file. Unless anyone has a good reason to deviate?

[ Permlink | « Hide ]
Arun C Murthy added a comment - 04/Dec/08 09:36 PM

To keep Unix-like semantics, it seems reasonable to be able to set the sticky bit on a file (compared to a directory), but that doing so will have no effect on the file. Unless anyone has a good reason to deviate?

+1 with the caveat that we heavily document the meaning of sticky bit for files.


[ Permlink | « Hide ]
Jakob Homan added a comment - 05/Jan/09 06:56 PM
Here's an initial patch for review. This includes the sticky bit implementation and unit tests. I still need to go through the user documentation and update that; I'll do that now and update the patch shortly with just the documentation changes.

[ Permlink | « Hide ]
Jakob Homan added a comment - 05/Jan/09 07:51 PM
Updated user docs and shell help. Ready for review.

[ Permlink | « Hide ]
Tsz Wo (Nicholas), SZE added a comment - 07/Jan/09 02:01 AM
patch looks good to me. Only one nit: FsPermission.set(FsAction u, FsAction g, FsAction o) is not useful anymore, please remove it.

[ Permlink | « Hide ]
Jakob Homan added a comment - 08/Jan/09 12:44 AM
Updated with Nicholas' suggestions. 
     [exec] +1 overall.  
     [exec] 
     [exec]     +1 @author.  The patch does not contain any @author tags.
     [exec] 
     [exec]     +1 tests included.  The patch appears to include 8 new or modified tests.
     [exec] 
     [exec]     +1 javadoc.  The javadoc tool did not generate any warning messages.
     [exec] 
     [exec]     +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
     [exec] 
     [exec]     +1 findbugs.  The patch does not introduce any new Findbugs warnings.
     [exec] 
     [exec]     +1 Eclipse classpath. The patch retains Eclipse classpath integrity.

[ Permlink | « Hide ]
Tsz Wo (Nicholas), SZE added a comment - 08/Jan/09 10:02 PM
  • The changes in FSDirectory should be reverted since the case is already taken care in INodeFile.
  • For the unit tests, leaving empty catch block is generally a bad practice since there might be some unexpected exceptions. For example, in the codes below, it is correct only if ioe is a sticky bit related exception. It is incorrect if some other IOException like FileNotFoundException is thrown. 
    +      try {
+        hdfs.rename(file, new Path(tmpPath2, "renamed"));
+        fail("Shouldn't be able to rename someone else's file with SB on");
+      } catch (IOException ioe) {
+        // Correct
+      }

    It would be great if you can combine some of them together, so that they take less execution time. I am fine if you don't want to change the tests although I strongly recommend to do so.

Sorry for not seeing these problems in my previous review.


[ Permlink | « Hide ]
Jakob Homan added a comment - 13/Jan/09 11:39 PM
  • Addressed Nicholas' comments
  • Refined chmod processing
  • Tightened up testing 
         [exec] +1 overall.  
     [exec] 
     [exec]     +1 @author.  The patch does not contain any @author tags.
     [exec] 
     [exec]     +1 tests included.  The patch appears to include 10 new or modified tests.
     [exec] 
     [exec]     +1 javadoc.  The javadoc tool did not generate any warning messages.
     [exec] 
     [exec]     +1 javac.  The applied patch does not increase the total number of javac compiler warnings.
     [exec] 
     [exec]     +1 findbugs.  The patch does not introduce any new Findbugs warnings.
     [exec] 
     [exec]     +1 Eclipse classpath. The patch retains Eclipse classpath integrity.

[ Permlink | « Hide ]
Tsz Wo (Nicholas), SZE added a comment - 14/Jan/09 11:04 PM
+1 patch looks good.

Please post the local unit test results when they are ready.


[ Permlink | « Hide ]
Jakob Homan added a comment - 15/Jan/09 01:13 AM
All local unit tests passed except the known-failure documented in HADOOP-4907.

[ Permlink | « Hide ]
Tsz Wo (Nicholas), SZE added a comment - 15/Jan/09 01:41 AM
I just committed this. Thanks, Jakob!

This needs release note. Please fill it out.


[ Permlink | « Hide ]
Raghu Angadi added a comment - 16/Jan/09 01:55 AM
Jakob, release notes sounds much scarier than it should be. Just selecting an incompatible flag is enough, I think.

[ Permlink | « Hide ]
Robert Chansler added a comment - 29/Sep/09 05:17 PM
Editorial pass over all release notes prior to publication of 0.21.


Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators