[
https://issues.apache.org/jira/browse/HDFS-6373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13996975#comment-13996975
]
Chris Nauroth commented on HDFS-6373:
-------------------------------------
{quote}
This makes sense to me, since symlink permissions are always ignored. Linux
actually doesn't even let you change symlink permissions, though it is allowed
by the Unix spec. Chris Nauroth, could you comment on whether this was
intentional, or just an oversight? It seems like we might want to remove
ACLs-on-symlinks, which is compatible since symlinks are still hard-disabled.
{quote}
It is impossible to set an ACL on a symlink. Any ACL operation run on a
symlink automatically dereferences the symlink and operates on its target, i.e.
by passing {{true}} to {{FSDirectory#getINodesInPath4Write}}. We wrote tests
asserting this behavior, so I don't think there is any way to store an
{{AclFeature}} on an {{INodeSymlink}}.
I quickly skimmed the patch, and it looks like you're going for some additional
prevention inside {{INodeSymlink}} to prevent mistakes. That seems like a good
idea, and we could do similar for ACLs.
> Remove support for extended attributes on symlinks
> --------------------------------------------------
>
> Key: HDFS-6373
> URL: https://issues.apache.org/jira/browse/HDFS-6373
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode
> Reporter: Andrew Wang
> Assignee: Charles Lamb
> Attachments: HDFS-6373.1.patch, HDFS-6373.2.patch
>
>
> Looking in the Linux source code, we see the following:
> http://lxr.linux.no/linux+v3.14.3/fs/xattr.c
> {code}
> 60 /*
> 61 * In the user.* namespace, only regular files and directories
> can have
> 62 * extended attributes. For sticky directories, only the owner and
> 63 * privileged users can write attributes.
> 64 */
> {code}
> We should consider removing {{XAttrFeature}} from {{INodeSymlink}}.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
