Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-6570

add api that enables checking if a user has certain permissions on a file

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.6.0
    • Component/s: hdfs-client, namenode, webhdfs
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      For some of the authorization modes in Hive, the servers in Hive check if a given user has permissions on a certain file or directory. For example, the storage based authorization mode allows hive table metadata to be modified only when the user has access to the corresponding table directory on hdfs. There are likely to be such use cases outside of Hive as well.

      HDFS does not provide an api for such checks. As a result, the logic to check if a user has permissions on a directory gets replicated in Hive. This results in duplicate logic and there introduces possibilities for inconsistencies in the interpretation of the permission model. This becomes a bigger problem with the complexity of ACL logic.

      HDFS should provide an api that provides functionality that is similar to access function in unistd.h - http://linux.die.net/man/2/access .

        Attachments

        1. HDFS-6570.5.patch
          60 kB
          Jitendra Nath Pandey
        2. HDFS-6570.4.patch
          59 kB
          Jitendra Nath Pandey
        3. HDFS-6570.3.patch
          53 kB
          Jitendra Nath Pandey
        4. HDFS-6570.2.patch
          74 kB
          Jitendra Nath Pandey
        5. HDFS-6570-prototype.1.patch
          18 kB
          Chris Nauroth

          Issue Links

            Activity

              People

              • Assignee:
                jnp Jitendra Nath Pandey
                Reporter:
                thejas Thejas M Nair
              • Votes:
                0 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: