[ https://issues.apache.org/jira/browse/HADOOP-10919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14095149#comment-14095149 ]
Sanjay Radia commented on HADOOP-10919: --------------------------------------- Charles lets enumerate the distcp use cases - Here is my first draft. Below for some of the use cases I propose possible desirable outcomes but these outcomes can be debated separately from the use cases, # src subtree and dst subtree do not have EZ - easy, same as today # src subtree has no EZ but dest does have EZ in a portion of its subtree. Possible outcomes ## - if user performing operation has permissions in dest EZ then the files within the dest EZ subtree are encrypted ## if user does not (say Admin) what do we expect to happen? # src subtree has EZ but dest does not. Possible outcomes ## files copied as encrypted but cannot be decryptied at the dest since it does not have an EZ zone- useful as a backup ## files copied as encrypted and a matching EZ is created automatically. Can an admin do this operation since he does not have access to the keys? ## throw an error which can be overidden by a flag in which case the files are decryoted and copied to in dest are left decrypted . This only works if the user has permissions for decryption; admin cannot do this. # both src and dest have EZ at exactly the same part of the subtree. Possible outcomes ## If user has permission to decrypt and encrypt, then the data is copied and encryption is redone with new keys, ## If user does not have permission then ?? Fail or copy as raw? # both src and dest have EZ at different parts of the subtree. This should reduce to 2 or 3. For each of the above one can have distcp do the right thing automatically or we can force the user to explicitly submit /r/r/path as appropriate, Lets explore both approaches and see which one works better. > Copy command should preserve raw.* namespace extended attributes > ---------------------------------------------------------------- > > Key: HADOOP-10919 > URL: https://issues.apache.org/jira/browse/HADOOP-10919 > Project: Hadoop Common > Issue Type: Bug > Components: fs > Affects Versions: 3.0.0 > Reporter: Charles Lamb > Assignee: Charles Lamb > Fix For: fs-encryption (HADOOP-10150 and HDFS-6134) > > Attachments: HADOOP-10919.001.patch, HADOOP-10919.002.patch > > > Refer to the doc attached to HDFS-6509 for background. > Like distcp -p (see MAPREDUCE-6007), the copy command also needs to preserve > extended attributes in the raw.* namespace by default whenever the src and > target are in /.reserved/raw. To not preserve raw xattrs, don't specify > /.reserved/raw in either the src or target. -- This message was sent by Atlassian JIRA (v6.2#6252)