Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-14619

chmod changes the mask when ACL is enabled

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not A Problem
    • Affects Version/s: 3.1.2
    • Fix Version/s: None
    • Component/s: hdfs
    • Labels:
      None

      Description

      When setting a directory's permission with HDFS shell chmod, it changes the ACL mask instead of the permission bits:

      $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
      # file: /user/hive/warehouse/exttablename/key=1
      # owner: hive
      # group: hive
      user::rwx
      user:impala:rwx	#effective:r-x
      group::rwx	#effective:r-x
      mask::r-x
      other::r-x
      default:user::rwx
      default:user:impala:rwx
      default:group::rwx
      default:mask::rwx
      default:other::rwx
      
      $ sudo -u hdfs hdfs dfs -chmod 777 /user/hive/warehouse/exttablename/key=1/
      $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
      # file: /user/hive/warehouse/exttablename/key=1
      # owner: hive
      # group: hive
      user::rwx
      user:impala:rwx
      group::rwx
      mask::rwx
      other::rwx
      default:user::rwx
      default:user:impala:rwx
      default:group::rwx
      default:mask::rwx
      default:other::rwx
      
      $ sudo -u hdfs hdfs dfs -chmod 755 /user/hive/warehouse/exttablename/key=1/
      $ sudo -u impala hdfs dfs -getfacl /user/hive/warehouse/exttablename/key=1/
      # file: /user/hive/warehouse/exttablename/key=1
      # owner: hive
      # group: hive
      user::rwx
      user:impala:rwx	#effective:r-x
      group::rwx	#effective:r-x
      mask::r-x
      other::r-x
      default:user::rwx
      default:user:impala:rwx
      default:group::rwx
      default:mask::rwx
      default:other::rwx
      
      $ sudo -u impala hdfs dfs -touch /user/hive/warehouse/exttablename/key=1/file
      touch: Permission denied: user=impala, access=WRITE, inode="/user/hive/warehouse/exttablename/key=1/file":hive:hive:drwxr-xr-x
      

      The cluster has dfs.namenode.acls.enabled=true and dfs.namenode.posix.acl.inheritance.enabled=true.

      As far as I understand, the chmod should change the permission bits instead of the ACL mask. CMIIW

      Might be related to HDFS-14517. Istvan Fajth

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                smeng Siyao Meng
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: