[HDFS-6570] add api that enables checking if a user has certain permissions on a file - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.6.0
Component/s: hdfs-client, namenode, webhdfs
Labels:
None

Target Version/s:

2.6.0
Hadoop Flags:

Reviewed

Description

For some of the authorization modes in Hive, the servers in Hive check if a given user has permissions on a certain file or directory. For example, the storage based authorization mode allows hive table metadata to be modified only when the user has access to the corresponding table directory on hdfs. There are likely to be such use cases outside of Hive as well.

HDFS does not provide an api for such checks. As a result, the logic to check if a user has permissions on a directory gets replicated in Hive. This results in duplicate logic and there introduces possibilities for inconsistencies in the interpretation of the permission model. This becomes a bigger problem with the complexity of ACL logic.

HDFS should provide an api that provides functionality that is similar to access function in unistd.h - http://linux.die.net/man/2/access .

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HDFS-6570.2.patch
19/Jul/14 18:30
74 kB
Jitendra Nath Pandey
HDFS-6570.3.patch
22/Jul/14 21:34
53 kB
Jitendra Nath Pandey
HDFS-6570.4.patch
25/Jul/14 21:53
59 kB
Jitendra Nath Pandey
HDFS-6570.5.patch
28/Jul/14 22:12
60 kB
Jitendra Nath Pandey
HDFS-6570-prototype.1.patch
26/Jun/14 23:54
18 kB
Chris Nauroth

Issue Links

is duplicated by

HADOOP-4108 FileSystem support for POSIX access method

Resolved

relates to

HIVE-7583 Use FileSystem.access() if available to check file access for user

Closed

Activity

People

Assignee:: Jitendra Nath Pandey

Reporter:: Thejas Nair

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 19/Jun/14 21:20

Updated:: 01/Dec/14 03:07

Resolved:: 30/Jul/14 17:55