[
https://issues.apache.org/jira/browse/HDDS-12856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17945219#comment-17945219
]
Sammi Chen edited comment on HDDS-12856 at 4/17/25 3:29 AM:
------------------------------------------------------------
The whole file permission and ACL features are not supported for ofs and o3fs.
IIRC, It is currently showing the info created based on the user who executes
the command.
I'm fine with either keep current behavior, or update to throw unsupported
exception for both file ACL and file permission. Personally I favor keep the
current behavior, since it's not a critical problem and we need to put effort
to do that and after that the features are still not supported.
was (Author: sammi):
The whole file permission and ACL features are not supported for ofs and o3fs.
IIRC, It is currently showing the info created based on the user who executes
the command.
> ozone fs -getfacl doesn't work as intended on ofs://, should throw
> UnsupportedOperationException
> ------------------------------------------------------------------------------------------------
>
> Key: HDDS-12856
> URL: https://issues.apache.org/jira/browse/HDDS-12856
> Project: Apache Ozone
> Issue Type: Task
> Reporter: Siyao Meng
> Assignee: Siyao Meng
> Priority: Major
>
> {{ozone fs -getfacl}} always seem to output the same dummy ACL list. I
> expected it to throw *UnsupportedOperationException* or print the same set of
> ACLs as {{ozone sh key getacl}} :
> {code}
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "USER",
> "name" : "[email protected]",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> }, {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove an ACL and try getfacl again, no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=user:[email protected]:all
> ACL user:[email protected]:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ {
> "type" : "GROUP",
> "name" : "om",
> "aclScope" : "ACCESS",
> "aclList" : [ "ALL" ]
> } ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Remove the group ACL and try getfacl again, still no change in output:
> {code}
> $ ozone sh key removeacl o3://ozone1744783607/vol1/buck1/dir1/key1
> --acls=group:om:all
> ACL group:om:la[ACCESS] removed successfully.
> $ ozone sh key getacl o3://ozone1744783607/vol1/buck1/dir1/key1
> [ ]
> $ ozone fs -getfacl ofs://ozone1744783607/vol1/buck1/dir1/key1
> # file: ofs://ozone1744783607/vol1/buck1/dir1/key1
> # owner: om
> # group: om
> user::rw-
> group::rw-
> other::rw-
> {code}
> Note: It is known that *setfacl* doesn't work in Ozone (HDDS-729):
> {code}
> $ ozone fs -setfacl -m default:user:hive:rwx
> ofs://ozone1744783607/vol1/buck1/dir1/key1
> -setfacl: Fatal internal error
> java.lang.UnsupportedOperationException: RootedOzoneFileSystem doesn't
> support modifyAclEntries
> at
> org.apache.hadoop.fs.FileSystem.modifyAclEntries(FileSystem.java:3000)
> ...
> {code}
> I think we should just throw UnsupportedOperationException for ofs:// (and
> o3fs://) in this case, unless there are other compatibility concerns.
> cc [~weichiu] [~Sammi] [~swamirishi]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
