[
https://issues.apache.org/jira/browse/HDFS-10376?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15274901#comment-15274901
]
Yongjun Zhang edited comment on HDFS-10376 at 5/6/16 11:24 PM:
---------------------------------------------------------------
Hi [~jzhuge],
Thanks a lot for your investigation and nice finds!
Some thoughts to share:
1. Since the test intends to see {{FileNotFoundException}} thrown for this
case, looks like that we should use {{nnfs.setOwner}} instead of
{{userfs.setOwner}} in this test.
2. We can add a test to do a {{userfs.setOwner}} call on a previously created
file, and expect {{AccesControlException}}
3. When calling {{userfs.setOwner}} on a non-existing file, /a/b/c, I think, if
the user has access to /a/b, then {{FileNotFoundException}} is appropriate; if
the user has no permission to access /a/b, then {{AccessControlException}} is
appropriate, no matter whether /a/b/c exists or not.
Thanks.
was (Author: yzhangal):
Hi [~jzhuge],
Thanks a lot for your investigation and nice finds!
Some thoughts to share:
1. Since the test intends to see {{FileNotFoundException}} thrown for this
case, looks like that we should use {{nnfs.setOwner}} instead of
{{userfs.setOwner}} in this test.
2. We can add a test to do a {{userfs.setOwner}} call on a previously created
file, and expect {{AccesControlException}}
3. When calling {{userfs.setOwner}} on a non-existing file, /a/b/c, I think, if
the user has access to /a/b, then {[FileNotFoundException}} is appropriate; if
the user has no permission to access /a/b, then {{AccessControlException}} is
appropriate, no matter whether /a/b/c exists or not.
Thanks.
> setOwner call is not run as the specified user in TestPermission
> ----------------------------------------------------------------
>
> Key: HDFS-10376
> URL: https://issues.apache.org/jira/browse/HDFS-10376
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Yongjun Zhang
> Assignee: John Zhuge
>
> TestPermission create a user with the following name and group:
> {code}
> final private static String USER_NAME = "user" + RAN.nextInt();
> final private static String[] GROUP_NAMES = {"group1", "group2"};
> UserGroupInformation userGroupInfo =
> UserGroupInformation.createUserForTesting(USER_NAME, GROUP_NAMES );
>
> FileSystem userfs = DFSTestUtil.getFileSystemAs(userGroupInfo, conf);
> // make sure mkdir of a existing directory that is not owned by
> // this user does not throw an exception.
> userfs.mkdirs(CHILD_DIR1);
>
> {code}
> Supposedly
> {code}
> userfs.setOwner(CHILD_FILE3, "foo", "bar");
> {code}
> will be run as the specified user, but it seems to be run as me who run the
> test.
> Running as the specified user would disallow setOwner, which requires
> superuser privilege. This is not happening.
> Creating this jira for some investigation to understand whether it's indeed
> an issue.
> Thanks.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
