[jira] [Commented] (HADOOP-8973) DiskChecker cannot reliably detect an inaccessible disk on Windows with NTFS ACLs

Mon, 04 Mar 2013 17:52:13 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-8973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13592931#comment-13592931
 ] 

Chuan Liu commented on HADOOP-8973:
-----------------------------------

I want to chime in a little on this.

> The reason that methods like File#canRead are used here is that it checks if 
> the current process can read the file, with full consideration of the 
> specific user that launched the process.

Chris, I think it should be relatively easy to provide some API like this 
either through winutils or JNI. In Windows (and the new POSIX ACL mode), file 
owner and file ACL are separate concepts (comparing with traditional chmod file 
permission mode where the first 3 bit are tightly associated with the file 
owner). In "winutils ls", we retrieval effective rights for the owner through 
the API call GetEffectiveRightsForSid() where Sid is the user sid that we want 
to check access permissions. Calling this API with a given user SID, we should 
be able to get its permission on the file.

I notice we already have the "getfacl" command line utility on Linux. What do 
you think we provide a simple one in "winutils"? E.g. 
{code}
>winutils getfacl -u [username] file
user:[username]:r-x
{code}
                
> DiskChecker cannot reliably detect an inaccessible disk on Windows with NTFS 
> ACLs
> ---------------------------------------------------------------------------------
>
>                 Key: HADOOP-8973
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8973
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: util
>    Affects Versions: trunk-win
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HADOOP-8973-branch-trunk-win.patch
>
>
> DiskChecker.checkDir uses File.canRead, File.canWrite, and File.canExecute to 
> check if a directory is inaccessible.  These APIs are not reliable on Windows 
> with NTFS ACLs due to a known JVM bug.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to