[
https://issues.apache.org/jira/browse/HADOOP-10919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14095149#comment-14095149
]
Sanjay Radia commented on HADOOP-10919:
---------------------------------------
Charles lets enumerate the distcp use cases - Here is my first draft. Below for
some of the use cases I propose possible desirable outcomes but these outcomes
can be debated separately from the use cases,
# src subtree and dst subtree do not have EZ - easy, same as today
# src subtree has no EZ but dest does have EZ in a portion of its subtree.
Possible outcomes
## - if user performing operation has permissions in dest EZ then the files
within the dest EZ subtree are encrypted
## if user does not (say Admin) what do we expect to happen?
# src subtree has EZ but dest does not. Possible outcomes
## files copied as encrypted but cannot be decryptied at the dest since it does
not have an EZ zone- useful as a backup
## files copied as encrypted and a matching EZ is created automatically. Can an
admin do this operation since he does not have access to the keys?
## throw an error which can be overidden by a flag in which case the files are
decryoted and copied to in dest are left decrypted . This only works if the
user has permissions for decryption; admin cannot do this.
# both src and dest have EZ at exactly the same part of the subtree. Possible
outcomes
## If user has permission to decrypt and encrypt, then the data is copied and
encryption is redone with new keys,
## If user does not have permission then ?? Fail or copy as raw?
# both src and dest have EZ at different parts of the subtree. This should
reduce to 2 or 3.
For each of the above one can have distcp do the right thing automatically or
we can force the user to explicitly submit /r/r/path as appropriate, Lets
explore both approaches and see which one works better.
> Copy command should preserve raw.* namespace extended attributes
> ----------------------------------------------------------------
>
> Key: HADOOP-10919
> URL: https://issues.apache.org/jira/browse/HADOOP-10919
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs
> Affects Versions: 3.0.0
> Reporter: Charles Lamb
> Assignee: Charles Lamb
> Fix For: fs-encryption (HADOOP-10150 and HDFS-6134)
>
> Attachments: HADOOP-10919.001.patch, HADOOP-10919.002.patch
>
>
> Refer to the doc attached to HDFS-6509 for background.
> Like distcp -p (see MAPREDUCE-6007), the copy command also needs to preserve
> extended attributes in the raw.* namespace by default whenever the src and
> target are in /.reserved/raw. To not preserve raw xattrs, don't specify
> /.reserved/raw in either the src or target.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
