Hello Archana, If ACLs are disabled after ACLs have already been created in the namespace, then the behavior is:
1. All subsequent ACL-related API calls fail intentionally. It is impossible to create, update, or delete any ACLs. 2. The NameNode is still capable of loading existing ACL metadata stored in a pre-existing fsimage or edit log that was generated while ACLs were enabled. If ACLs are disabled, it would not cause the NameNode to abort while loading ACL-related metadata. 3. If ACLs are present on a file or directory from a prior configuration with ACLs enabled, then those ACLs are still enforced when users attempt to access the files. This behavior is by design. If you're interested in more of the background discussion that led to these design decisions, please see the comments in issues HDFS-5899 and HDFS-5925. --Chris Nauroth From: Archana talamani <archana.talam...@huawei.com<mailto:archana.talam...@huawei.com>> Reply-To: "hdfs-dev@hadoop.apache.org<mailto:hdfs-dev@hadoop.apache.org>" <hdfs-dev@hadoop.apache.org<mailto:hdfs-dev@hadoop.apache.org>> Date: Friday, September 11, 2015 at 1:31 AM To: "hdfs-dev@hadoop.apache.org<mailto:hdfs-dev@hadoop.apache.org>" <hdfs-dev@hadoop.apache.org<mailto:hdfs-dev@hadoop.apache.org>> Subject: kindly confirm the behavior if configs are disabled after setting Hi All, I have a query on ACL/Storage policy or in general any configs which provide enable/disable feature - Like, ACL is set on a file/directory, after which permission check will use ACLs for checking permission. What should be the behavior if ACLs are disabled after setting? whether it should use normal permissions or should continue using ACLs for access check? Kindly reply the expected behavior. Thanks, Archana Talamani HUAWEI TECHNOLOGIES INDIA PVT LTD. [cid:image001.png@01D0EC9A.60550E10] ------------------------------------------------------------------------------------------------------------------------------------- This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!
