[jira] [Commented] (HADOOP-10919) Copy command should preserve raw.* namespace extended attributes

Tue, 12 Aug 2014 13:48:33 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-10919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14094640#comment-14094640
 ] 

Sanjay Radia commented on HADOOP-10919:
---------------------------------------

bq. Right now it's transparent in that distcp will decrypt when it reads from 
the normal path. This is what all existing distcp scripts will be doing, 
copying to and from normal paths. ... but it's a reasonable and sometimes 
desirable behavior.
At the meeting and in the jira we  concluded that the above behavior is not 
desirable: the user running the distcp may not have permission to decrypt (e.g. 
an Admin at NSA). Second, the data is being transmitted in the clear. Third the 
efficiency argument. You are saying "but it's a reasonable and sometimes 
desirable behavior." - I thought we have established it is not and hence we are 
doing the /.r/.r and that distcp will take advantage of it. I hope you still 
want to do /.r/.r? Maybe you are asserting that /.r/.r was unnecessary but you 
are willing to do it to please a few in the community. That okay - we can agree 
to disagree here.

I would have thought that if distcp prefixes all paths by /.r/.r then it would 
just work. Your comments says that "/.r/r is also superuser only" -- not sure 
what you mean - only superuer can access /.r/.r? Surely that is not the case? 
Is this mentioned in the distcp doc and I missed it?

> Copy command should preserve raw.* namespace extended attributes
> ----------------------------------------------------------------
>
>                 Key: HADOOP-10919
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10919
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: fs
>    Affects Versions: 3.0.0
>            Reporter: Charles Lamb
>            Assignee: Charles Lamb
>             Fix For: fs-encryption (HADOOP-10150 and HDFS-6134)
>
>         Attachments: HADOOP-10919.001.patch, HADOOP-10919.002.patch
>
>
> Refer to the doc attached to HDFS-6509 for background.
> Like distcp -p (see MAPREDUCE-6007), the copy command also needs to preserve 
> extended attributes in the raw.* namespace by default whenever the src and 
> target are in /.reserved/raw. To not preserve raw xattrs, don't specify 
> /.reserved/raw in either the src or target. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to