[
https://issues.apache.org/jira/browse/HADOOP-11321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14245881#comment-14245881
]
Arpit Agarwal edited comment on HADOOP-11321 at 12/14/14 9:58 AM:
------------------------------------------------------------------
Hi Chris,
{code}
+// Checks if the path is longer than (MAX_PATH - 12) in which case it needs to
+// be prepended with \\?\ for Windows OS to understand it. The -12 is to
+// account for an additional constraint for directories that it must be
possible
+// to append an 8.3 file name.
{code}
Good catch. If the directory does not end in a trailing backslash then should
it be -13 instead?
+1 otherwise.
FWIW I agree the prior behavior of {{FileContext#mkdir}} looks buggy. There is
a small chance of creating a security issue if someone was depending on the
buggy behavior. Perhaps it could be emulated by issuing a setPermissions if the
createFile fails.
was (Author: arpitagarwal):
Hi Chris,
{code}
+// Checks if the path is longer than (MAX_PATH - 12) in which case it needs to
+// be prepended with \\?\ for Windows OS to understand it. The -12 is to
+// account for an additional constraint for directories that it must be
possible
+// to append an 8.3 file name.
{code}
Good catch. If the directory does not end in a trailing {{\}} then should it be
-13 instead?
+1 otherwise.
FWIW I agree the prior behavior of {{FileContext#mkdir}} looks buggy. There is
a small chance of creating a security issue if someone was depending on the
buggy behavior. Perhaps it could be emulated by issuing a setPermissions if the
createFile fails.
> copyToLocal cannot save a file to an SMB share unless the user has Full
> Control permissions.
> --------------------------------------------------------------------------------------------
>
> Key: HADOOP-11321
> URL: https://issues.apache.org/jira/browse/HADOOP-11321
> Project: Hadoop Common
> Issue Type: Bug
> Components: fs
> Affects Versions: 2.6.0
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
> Attachments: HADOOP-11321.003.patch, HADOOP-11321.004.patch,
> HADOOP-11321.005.patch, HADOOP-11321.006.patch, HADOOP-11321.1.patch,
> HADOOP-11321.2.patch, winutils.tmp.patch
>
>
> In Hadoop 2, it is impossible to use {{copyToLocal}} to copy a file from HDFS
> to a destination on an SMB share. This is because in Hadoop 2, the
> {{copyToLocal}} maps to 2 underlying {{RawLocalFileSystem}} operations:
> {{create}} and {{setPermission}}. On an SMB share, the user may be
> authorized for the {{create}} but denied for the {{setPermission}}. Windows
> denies the {{WRITE_DAC}} right required by {{setPermission}} unless the user
> has Full Control permissions. Granting Full Control isn't feasible for most
> deployments, because it's insecure. This is a regression from Hadoop 1,
> where {{copyToLocal}} only did a {{create}} and didn't do a separate
> {{setPermission}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
