Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-10324

Trash directory in an encryption zone should be pre-created with correct permissions

Log workAgile BoardRank to TopRank to BottomAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.8.0
    • 2.8.0, 3.0.0-alpha1
    • encryption
    • None
    • CDH5.7.0

    • Reviewed
    • Hide
      HDFS will create a ".Trash" subdirectory when creating a new encryption zone to support soft delete for files deleted within the encryption zone. A new "crypto -provisionTrash" command has been introduced to provision trash directories for encryption zones created with Apache Hadoop minor releases prior to 2.8.0.
      Show
      HDFS will create a ".Trash" subdirectory when creating a new encryption zone to support soft delete for files deleted within the encryption zone. A new "crypto -provisionTrash" command has been introduced to provision trash directories for encryption zones created with Apache Hadoop minor releases prior to 2.8.0.

    Description

      We encountered a bug in HDFS-8831:
      After HDFS-8831, a deleted file in an encryption zone is moved to a .Trash subdirectory within the encryption zone.

      However, if this .Trash subdirectory is not created beforehand, it will be created and owned by the first user who deleted a file, with permission drwx------. This creates a serious bug because any other non-privileged user will not be able to delete any files within the encryption zone, because they do not have the permission to move directories to the trash directory.

      We should fix this bug, by pre-creating the .Trash directory with sticky bit.

      Attachments

        1. HDFS-10324.001.patch
          6 kB
          Wei-Chiu Chuang
        2. HDFS-10324.002.patch
          10 kB
          Wei-Chiu Chuang
        3. HDFS-10324.003.patch
          17 kB
          Wei-Chiu Chuang
        4. HDFS-10324.004.patch
          21 kB
          Wei-Chiu Chuang
        5. HDFS-10324.005.patch
          26 kB
          Wei-Chiu Chuang
        6. HDFS-10324.006.patch
          57 kB
          Wei-Chiu Chuang
        7. HDFS-10324.007.patch
          58 kB
          Wei-Chiu Chuang
        8. HDFS-10324.008.patch
          58 kB
          Wei-Chiu Chuang

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            weichiu Wei-Chiu Chuang Assign to me
            weichiu Wei-Chiu Chuang
            Votes:
            0 Vote for this issue
            Watchers:
            13 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment