[
https://issues.apache.org/jira/browse/HBASE-5526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13223044#comment-13223044
]
Jesse Yates commented on HBASE-5526:
------------------------------------
bq. What's with all the changes to hbase-defaults.xml?
Oops, eclipse auto-formatting; thought I had reverted... Should only be the
addition of those last three properties.
Also, was debating if we even want to include default values for the
permissions/umask as the actual 'default' would be taken from the filesystem,
and not the conf, so default values are only applied when we enable the
permissions stuff, so you should be changing them anyways. Figure wide open
(777) permissions as the 'default' was the best, but thought it would be good
to get another opinion would be good too.
bq. Would that not cover all interesting scenarios?
Yeah, it would. This was just the easiest way to go about covering the
identifiable data as there are a _bunch_ of places where we are creating files
on the fs and seemed a bit overkill to replace all of them for this use case.
For creating individual files, its <10 files in src/main for creating files,
though a fair number in src/test. However, for creating directories its twice
that number and even more for testing. Each of those would need to be wrapped
to set the default permissions, doable and starting to think that it's the
right way to go about it in the end...hmmm
> Optional file permission settings
> ---------------------------------
>
> Key: HBASE-5526
> URL: https://issues.apache.org/jira/browse/HBASE-5526
> Project: HBase
> Issue Type: New Feature
> Components: regionserver
> Reporter: Jesse Yates
> Assignee: Jesse Yates
> Fix For: 0.94.0
>
> Attachments: java_HBASE-5526.patch
>
>
> Currently many all the files created by the HBase user are just written using
> the default file permissions granted by hdfs. However, it is often times
> adventageous to only allow a subset of the world to view the actual data
> written by hbase when scanning the raw hdfs files.
> This ticket covers setting permissions for files written to hdfs that are
> storing actual user data, as opposed to _all_ files written to hdfs as many
> of them contain non-identifiable metadata.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
