[ https://issues.apache.org/jira/browse/HDFS-6703?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14071598#comment-14071598 ]
Hudson commented on HDFS-6703: ------------------------------ FAILURE: Integrated in Hadoop-Yarn-trunk #621 (See [https://builds.apache.org/job/Hadoop-Yarn-trunk/621/]) HDFS-6703. NFS: Files can be deleted from a read-only mount. Contributed by Srikanth Upputuri (brandonli: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1612702) * /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-nfs/src/main/java/org/apache/hadoop/hdfs/nfs/nfs3/RpcProgramNfs3.java * /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs-nfs/src/test/java/org/apache/hadoop/hdfs/nfs/nfs3/TestClientAccessPrivilege.java * /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt > NFS: Files can be deleted from a read-only mount > ------------------------------------------------ > > Key: HDFS-6703 > URL: https://issues.apache.org/jira/browse/HDFS-6703 > Project: Hadoop HDFS > Issue Type: Bug > Components: nfs > Affects Versions: 2.2.0 > Reporter: Abhiraj Butala > Assignee: Srikanth Upputuri > Fix For: 2.5.0 > > Attachments: HDFS-6703.patch > > > > As reported by bigdatagroup <bigdatagr...@itecons.it> on hadoop-users mailing > list: > {code} > We exported our distributed filesystem with the following configuration > (Managed by Cloudera Manager over CDH 5.0.1): > <property> > <name>dfs.nfs.exports.allowed.hosts</name> > <value>192.168.0.153 ro</value> > </property> > As you can see, we expect the exported FS to be read-only, but in fact we are > able to delete files and folders stored on it (where the user has the correct > permissions), from the client machine that mounted the FS. > Other writing operations are correctly blocked. > Hadoop Version in use: 2.3.0+cdh5.0.1+567" > {code} > I was able to reproduce the issue on latest hadoop trunk. Though I could only > delete files, deleting directories were correctly blocked: > {code} > abutala@abutala-vBox:/mnt/hdfs$ mount | grep 127 > 127.0.1.1:/ on /mnt/hdfs type nfs (rw,vers=3,proto=tcp,nolock,addr=127.0.1.1) > abutala@abutala-vBox:/mnt/hdfs$ ls -lh > total 512 > -rw-r--r-- 1 abutala supergroup 0 Jul 17 18:51 abc.txt > drwxr-xr-x 2 abutala supergroup 64 Jul 17 18:31 temp > abutala@abutala-vBox:/mnt/hdfs$ rm abc.txt > abutala@abutala-vBox:/mnt/hdfs$ ls > temp > abutala@abutala-vBox:/mnt/hdfs$ rm -r temp > rm: cannot remove `temp': Permission denied > abutala@abutala-vBox:/mnt/hdfs$ ls > temp > abutala@abutala-vBox:/mnt/hdfs$ > {code} > Contents of hdfs-site.xml: > {code} > <configuration> > <property> > <name>dfs.nfs3.dump.dir</name> > <value>/tmp/.hdfs-nfs3</value> > </property> > <property> > <name>dfs.nfs.exports.allowed.hosts</name> > <value>localhost ro</value> > </property> > </configuration> > {code} -- This message was sent by Atlassian JIRA (v6.2#6252)