[jira] [Updated] (HDFS-6703) NFS: Files can be deleted from a read-only mount

Tue, 22 Jul 2014 03:26:32 -0700 

     [ 
https://issues.apache.org/jira/browse/HDFS-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Srikanth Upputuri updated HDFS-6703:
------------------------------------

    Status: Patch Available  (was: Open)

> NFS: Files can be deleted from a read-only mount
> ------------------------------------------------
>
>                 Key: HDFS-6703
>                 URL: https://issues.apache.org/jira/browse/HDFS-6703
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: nfs
>    Affects Versions: 2.2.0
>            Reporter: Abhiraj Butala
>            Assignee: Srikanth Upputuri
>         Attachments: HDFS-6703.patch
>
>
>   
> As reported by bigdatagroup <bigdatagr...@itecons.it> on hadoop-users mailing 
> list:
> {code}
> We exported our distributed filesystem with the following configuration 
> (Managed by Cloudera Manager over CDH 5.0.1):
>  <property>
>     <name>dfs.nfs.exports.allowed.hosts</name>
>     <value>192.168.0.153 ro</value>
>   </property>
> As you can see, we expect the exported FS to be read-only, but in fact we are 
> able to delete files and folders stored on it (where the user has the correct 
> permissions), from  the client machine that mounted the FS.
> Other writing operations are correctly blocked.
> Hadoop Version in use: 2.3.0+cdh5.0.1+567"
> {code}
> I was able to reproduce the issue on latest hadoop trunk. Though I could only 
> delete files, deleting directories were correctly blocked:
> {code}
> abutala@abutala-vBox:/mnt/hdfs$ mount | grep 127
> 127.0.1.1:/ on /mnt/hdfs type nfs (rw,vers=3,proto=tcp,nolock,addr=127.0.1.1)
> abutala@abutala-vBox:/mnt/hdfs$ ls -lh
> total 512
> -rw-r--r-- 1 abutala supergroup  0 Jul 17 18:51 abc.txt
> drwxr-xr-x 2 abutala supergroup 64 Jul 17 18:31 temp
> abutala@abutala-vBox:/mnt/hdfs$ rm abc.txt
> abutala@abutala-vBox:/mnt/hdfs$ ls
> temp
> abutala@abutala-vBox:/mnt/hdfs$ rm -r temp
> rm: cannot remove `temp': Permission denied
> abutala@abutala-vBox:/mnt/hdfs$ ls
> temp
> abutala@abutala-vBox:/mnt/hdfs$
> {code}
> Contents of hdfs-site.xml:
> {code}
> <configuration>
>     <property>
>         <name>dfs.nfs3.dump.dir</name>
>         <value>/tmp/.hdfs-nfs3</value>
>     </property>
>     <property>
>         <name>dfs.nfs.exports.allowed.hosts</name>
>         <value>localhost ro</value>
>     </property>
> </configuration>
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to