Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-12615 Router-based HDFS federation phase 2
  3. HDFS-12895

RBF: Add ACL support for mount table

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 3.0.0-alpha3
    • 3.1.0, 2.10.0, 2.9.1
    • None
    • Incompatible change, Reviewed
    • Hide
      Mount tables support ACL, The users won't be able to modify their own entries (we are assuming these old (no-permissions before) mount table with owner:superuser, group:supergroup, permission:755 as the default permissions). The fix way is login as superuser to modify these mount table entries.
      Show
      Mount tables support ACL, The users won't be able to modify their own entries (we are assuming these old (no-permissions before) mount table with owner:superuser, group:supergroup, permission:755 as the default permissions). The fix way is login as superuser to modify these mount table entries.

    Description

      Adding ACL support for the Mount Table management. Following is the initial design of ACL control for the mount table management.

      Each mount table has its owner, group name and permission.
      The mount table permissions (FsPermission), here we use org.apache.hadoop.fs.permission.FsPermission to do the access check:

      1. READ permission: you can read the mount table info.
      2. WRITE permission: you can add remove or update this mount table info.
      3. EXECUTE permission: This won't be used.

      The add command of mount table will be extended like this

      $HADOOP_HOME/bin/hdfs dfsrouteradmin [-add <source> <nameservice> <destination> [-owner <owner>] [-group <group>] [-mode <mode>]]

      <mode> is UNIX-style permissions for the mount table. Permissions are specified in octal, e.g. 0755. By default, this is set to 0755.
      If we want update the ACL info of specfied mount table, just execute add command again. This command not only adding for new mount talle but also updating mount table once it finds given mount table is existed.

      Attachments

        1. HDFS-12895.001.patch
          34 kB
          Yiqun Lin
        2. HDFS-12895.002.patch
          37 kB
          Yiqun Lin
        3. HDFS-12895.003.patch
          38 kB
          Yiqun Lin
        4. HDFS-12895.004.patch
          38 kB
          Yiqun Lin
        5. HDFS-12895.005.patch
          38 kB
          Yiqun Lin
        6. HDFS-12895.006.patch
          39 kB
          Yiqun Lin
        7. HDFS-12895.007.patch
          39 kB
          Yiqun Lin
        8. HDFS-12895-branch-2.001.patch
          39 kB
          Yiqun Lin

        Activity

          People

            linyiqun Yiqun Lin
            linyiqun Yiqun Lin
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: