subject:"\[jira\] \[Commented\] \(HDFS\-4685\) Implementation of ACLs in HDFS"

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2015-02-12 Thread Yongjun Zhang (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14318569#comment-14318569
 ] 

Yongjun Zhang commented on HDFS-4685:
-

Hi Chris,  thanks a lot for the explanation, it really helps!


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2015-02-11 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14317691#comment-14317691
 ] 

Chris Nauroth commented on HDFS-4685:
-

Actually, there is one more implementation detail to consider.  When a file 
does have an ACL, then the owning group permissions are stored in an ACL entry, 
not the group permission bits.  Instead, the group permission bits are used to 
the store the ACL mask.  The reason for this is that it provides a conservative 
solution to the problem of applications that change permissions but are unaware 
of ACLs, most notably {{chmod}}.  Running something like a {{chmod g-r}} 
actually removes read permissions from the mask entry (unbeknownst to 
{{chmod}}).  This way, the modification is performed for the entire "group 
class", which is the unnamed group entry, all named group entries, and all 
named user entries.

For a more detailed rationale of this behavior, see the POSIX ACL documentation 
that I referenced a lot from the HDFS ACLs design document:

http://users.suse.com/~agruen/acl/linux-acls/online/

The HDFS code that implements this is in the {{AclStorage}} class.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2015-02-11 Thread Yongjun Zhang (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14317321#comment-14317321
 ] 

Yongjun Zhang commented on HDFS-4685:
-

HI Chirs,

Thanks a lot for your quick answer. So if I understand it correctly, the 
description in UC3 is conceptual. Implementation-wise,  the owning group entry 
is from the permission bits (where the owning group's permission is specified), 
and the named group entry is from ACL data (where the other groups are 
specified). When we do "hdfs -getfacl", it will print out them together as the 
ACL for the target file. Right? Thanks.

 

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2015-02-11 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14317297#comment-14317297
 ] 

Chris Nauroth commented on HDFS-4685:
-

bq. My question is, if we already have the permission bits that describes the 
owning group's permission, why we need this owning group entry in the ACL?

Hi [~yzhangal].  The owning group permissions and the owning group entry in an 
ACL are actually logically equivalent concepts.  In fact, if you run {{hdfs 
-getfacl}} on a file that doesn't have an ACL at all (only permission bits), 
then you'll see it still report back 3 ACL entries for owner, group and other.  
The literature sometimes refers to this degenerate case as a "minimal ACL".

The statement in UC3 indicates that you need both ACL entries to implement this 
use case.  There are 2 distinct groups of users, and there is a need to enforce 
different permissions for each group.

Thanks for the question, and I hope this helps.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2015-02-11 Thread Yongjun Zhang (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14317272#comment-14317272
 ] 

Yongjun Zhang commented on HDFS-4685:
-

Hi [~cnauroth],

Thanks for your earlier work on ACL. I have a question here.

When I read the design spec UC3 (Hive Partitioned Tables), it's said "This use 
case can be implemented by setting an access ACL on each sub-directory 
containing an owning group entry and a named group entry". Where the owning 
group entry is equivalent to setting permission bits. My question is, if we 
already have the permission bits that describes the owning group's permission, 
why we need this owning group entry in the ACL?

Thanks for your time to answer the question.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-03-07 Thread Claudio Fahey (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13924472#comment-13924472
 ] 

Claudio Fahey commented on HDFS-4685:
-

I am currently traveling and will be back on Monday 3/10. Email responses may 
be delayed.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0, 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf, Test-Plan-for-Extended-Acls-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-27 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13914600#comment-13914600
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1711 (See 
[https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1711/])
HDFS-4685. Move to 2.4.0 in CHANGES.txt in preparation for merge. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1572189)
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0, 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-27 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13914521#comment-13914521
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Hdfs-trunk #1686 (See 
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1686/])
HDFS-4685. Move to 2.4.0 in CHANGES.txt in preparation for merge. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1572189)
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0, 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-27 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13914387#comment-13914387
 ] 

Hudson commented on HDFS-4685:
--

FAILURE: Integrated in Hadoop-Yarn-trunk #494 (See 
[https://builds.apache.org/job/Hadoop-Yarn-trunk/494/])
HDFS-4685. Move to 2.4.0 in CHANGES.txt in preparation for merge. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1572189)
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0, 2.4.0
>
> Attachments: HDFS-4685-branch-2.1.patch, HDFS-4685.1.patch, 
> HDFS-4685.2.patch, HDFS-4685.3.patch, HDFS-4685.4.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-26 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13913299#comment-13913299
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-trunk-Commit #5230 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/5230/])
HDFS-4685. Move to 2.4.0 in CHANGES.txt in preparation for merge. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1572189)
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-24 Thread Claudio Fahey (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13911008#comment-13911008
 ] 

Claudio Fahey commented on HDFS-4685:
-

I am currently traveling and will be back on Wednesday 2/26. Email responses 
may be delayed.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-22 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13909405#comment-13909405
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1706 (See 
[https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1706/])
HADOOP-10354. TestWebHDFS fails after merge of HDFS-4685 to trunk. Contributed 
by Chris Nauroth. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1570655)
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsPermission.java


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-22 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13909375#comment-13909375
 ] 

Hudson commented on HDFS-4685:
--

FAILURE: Integrated in Hadoop-Hdfs-trunk #1681 (See 
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1681/])
HADOOP-10354. TestWebHDFS fails after merge of HDFS-4685 to trunk. Contributed 
by Chris Nauroth. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1570655)
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsPermission.java


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-22 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13909337#comment-13909337
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Yarn-trunk #489 (See 
[https://builds.apache.org/job/Hadoop-Yarn-trunk/489/])
HADOOP-10354. TestWebHDFS fails after merge of HDFS-4685 to trunk. Contributed 
by Chris Nauroth. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1570655)
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsPermission.java


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-21 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13908671#comment-13908671
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-trunk-Commit #5206 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/5206/])
HADOOP-10354. TestWebHDFS fails after merge of HDFS-4685 to trunk. Contributed 
by Chris Nauroth. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1570655)
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsPermission.java


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-20 Thread Yongjun Zhang (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13907703#comment-13907703
 ] 

Yongjun Zhang commented on HDFS-4685:
-

HI [~cnauroth], 

I'm seeing trunk branch test failure locally (centOs6) today. And I identified 
it's this merge of this fix that caused the failure. I'm not sure whether other 
people are seeing the same problem, and whether it's because of my env. Prior 
to this change, I don't see the problem. I filed HDFS-5989 to log the issue, in 
case it's a real one. Would you please take a look at it? 

Thanks.



> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-20 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13907025#comment-13907025
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Mapreduce-trunk #1704 (See 
[https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1704/])
Merge HDFS-4685 to trunk. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1569870)
* /hadoop/common/trunk
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/docs
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntry.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryScope.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryType.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclStatus.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsAction.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/Ls.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/core
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestAcl.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestFsPermission.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestAclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestViewFileSystemDelegation.java
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/pom.xml
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DistributedFileSystem.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/AclException.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/ClientProtocol.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/LayoutVersion.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolServerSideTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/PBHelper.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclConfigFlag.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclFeature.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclStorage.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-20 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13906974#comment-13906974
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Hdfs-trunk #1679 (See 
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1679/])
Merge HDFS-4685 to trunk. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1569870)
* /hadoop/common/trunk
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/docs
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntry.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryScope.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryType.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclStatus.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsAction.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/Ls.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/core
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestAcl.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestFsPermission.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestAclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestViewFileSystemDelegation.java
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/pom.xml
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DistributedFileSystem.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/AclException.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/ClientProtocol.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/LayoutVersion.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolServerSideTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/PBHelper.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclConfigFlag.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclFeature.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclStorage.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-20 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13906869#comment-13906869
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-Yarn-trunk #487 (See 
[https://builds.apache.org/job/Hadoop-Yarn-trunk/487/])
Merge HDFS-4685 to trunk. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1569870)
* /hadoop/common/trunk
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/docs
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntry.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryScope.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryType.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclStatus.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsAction.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/Ls.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/core
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestAcl.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestFsPermission.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestAclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestViewFileSystemDelegation.java
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/pom.xml
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DistributedFileSystem.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/AclException.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/ClientProtocol.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/LayoutVersion.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolServerSideTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/PBHelper.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclConfigFlag.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclFeature.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclStorage.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/h

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-19 Thread Hudson (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13905847#comment-13905847
 ] 

Hudson commented on HDFS-4685:
--

SUCCESS: Integrated in Hadoop-trunk-Commit #5191 (See 
[https://builds.apache.org/job/Hadoop-trunk-Commit/5191/])
Merge HDFS-4685 to trunk. (cnauroth: 
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1569870)
* /hadoop/common/trunk
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/docs
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FilterFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/RawLocalFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntry.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryScope.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclEntryType.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclStatus.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/FsAction.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/FsCommand.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/Ls.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/viewfs/ViewFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/site/apt/FileSystemShell.apt.vm
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/core
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/TestHarFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestAcl.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/permission/TestFsPermission.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/shell/TestAclCommands.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestChRootedFileSystem.java
* 
/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/viewfs/TestViewFileSystemDelegation.java
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/pom.xml
* /hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSClient.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DistributedFileSystem.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/AclException.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/ClientProtocol.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocol/LayoutVersion.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolServerSideTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/ClientNamenodeProtocolTranslatorPB.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/protocolPB/PBHelper.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclConfigFlag.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclFeature.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/AclStorage.java
* 
/hadoop/common/trunk/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/ap

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-19 Thread Claudio Fahey (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13905830#comment-13905830
 ] 

Claudio Fahey commented on HDFS-4685:
-

I am currently traveling and will be back on Thursday 2/20. Email responses may 
be delayed.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Fix For: 3.0.0
>
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-19 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13905821#comment-13905821
 ] 

Chris Nauroth commented on HDFS-4685:
-

I have merged the HDFS-4685 branch to trunk, as per the passing merge vote here:

http://mail-archives.apache.org/mod_mbox/hadoop-hdfs-dev/201402.mbox/%3CCABCYYb-3jGNDhhXg%2B-TuFw0f-_2YybAJdiRgUpbkRXEvNvTDYA%40mail.gmail.com%3E


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-17 Thread Hadoop QA (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13903723#comment-13903723
 ] 

Hadoop QA commented on HDFS-4685:
-

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12629442/HDFS-4685.4.patch
  against trunk revision .

{color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

{color:green}+1 tests included{color}.  The patch appears to include 29 new 
or modified test files.

{color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

{color:green}+1 javadoc{color}.  There were no new javadoc warning messages.

{color:green}+1 eclipse:eclipse{color}.  The patch built with 
eclipse:eclipse.

{color:green}+1 findbugs{color}.  The patch does not introduce any new 
Findbugs (version 1.3.9) warnings.

{color:red}-1 release audit{color}.  The applied patch generated 1 
release audit warnings.

{color:red}-1 core tests{color}.  The patch failed these unit tests in 
hadoop-common-project/hadoop-common hadoop-hdfs-project/hadoop-hdfs:

  
org.apache.hadoop.hdfs.tools.offlineEditsViewer.TestOfflineEditsViewer

  The following test timeouts occurred in 
hadoop-common-project/hadoop-common hadoop-hdfs-project/hadoop-hdfs:

org.apache.hadoop.hdfs.server.namenode.ha.TestDNFencingWithReplication

{color:green}+1 contrib tests{color}.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6166//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6166//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/6166//console

This message is automatically generated.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-4685.4.patch, HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, 
> HDFS-ACLs-Design-3.pdf, Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-13 Thread Hadoop QA (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13901178#comment-13901178
 ] 

Hadoop QA commented on HDFS-4685:
-

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12628874/HDFS-4685.3.patch
  against trunk revision .

{color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

{color:green}+1 tests included{color}.  The patch appears to include 29 new 
or modified test files.

{color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

{color:green}+1 javadoc{color}.  There were no new javadoc warning messages.

{color:green}+1 eclipse:eclipse{color}.  The patch built with 
eclipse:eclipse.

{color:green}+1 findbugs{color}.  The patch does not introduce any new 
Findbugs (version 1.3.9) warnings.

{color:red}-1 release audit{color}.  The applied patch generated 1 
release audit warnings.

{color:red}-1 core tests{color}.  The patch failed these unit tests in 
hadoop-common-project/hadoop-common hadoop-hdfs-project/hadoop-hdfs:

  
org.apache.hadoop.hdfs.tools.offlineEditsViewer.TestOfflineEditsViewer

{color:green}+1 contrib tests{color}.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6152//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6152//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/6152//console

This message is automatically generated.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, HDFS-4685.3.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-13 Thread Hadoop QA (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13900790#comment-13900790
 ] 

Hadoop QA commented on HDFS-4685:
-

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12628816/HDFS-4685.2.patch
  against trunk revision .

{color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

{color:green}+1 tests included{color}.  The patch appears to include 29 new 
or modified test files.

{color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

{color:green}+1 javadoc{color}.  There were no new javadoc warning messages.

{color:green}+1 eclipse:eclipse{color}.  The patch built with 
eclipse:eclipse.

{color:green}+1 findbugs{color}.  The patch does not introduce any new 
Findbugs (version 1.3.9) warnings.

{color:red}-1 release audit{color}.  The applied patch generated 1 
release audit warnings.

{color:red}-1 core tests{color}.  The patch failed these unit tests in 
hadoop-common-project/hadoop-common hadoop-hdfs-project/hadoop-hdfs:

  org.apache.hadoop.fs.shell.TestAclCommands
  
org.apache.hadoop.hdfs.tools.offlineEditsViewer.TestOfflineEditsViewer
  org.apache.hadoop.hdfs.server.namenode.TestCacheDirectives

{color:green}+1 contrib tests{color}.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6143//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6143//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/6143//console

This message is automatically generated.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-4685.2.patch, 
> HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-11 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898297#comment-13898297
 ] 

Chris Nauroth commented on HDFS-4685:
-

The release audit warning is from CHANGES-HDFS-4685.txt, which will not be 
brought to trunk in the merge.

The failure in {{TestOfflineEditsViewer}} is a known issue which we will 
address before the merge.  I'll post a new merge patch after we fix it in the 
feature branch.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-ACLs-Design-1.pdf, 
> HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-11 Thread Hadoop QA (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898294#comment-13898294
 ] 

Hadoop QA commented on HDFS-4685:
-

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12628270/HDFS-4685.1.patch
  against trunk revision .

{color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

{color:green}+1 tests included{color}.  The patch appears to include 27 new 
or modified test files.

{color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

{color:green}+1 javadoc{color}.  There were no new javadoc warning messages.

{color:green}+1 eclipse:eclipse{color}.  The patch built with 
eclipse:eclipse.

{color:green}+1 findbugs{color}.  The patch does not introduce any new 
Findbugs (version 1.3.9) warnings.

{color:red}-1 release audit{color}.  The applied patch generated 1 
release audit warnings.

{color:red}-1 core tests{color}.  The patch failed these unit tests in 
hadoop-common-project/hadoop-common hadoop-hdfs-project/hadoop-hdfs:

  
org.apache.hadoop.hdfs.tools.offlineEditsViewer.TestOfflineEditsViewer

{color:green}+1 contrib tests{color}.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6107//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-HDFS-Build/6107//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/6107//console

This message is automatically generated.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-ACLs-Design-1.pdf, 
> HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-11 Thread Claudio Fahey (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898086#comment-13898086
 ] 

Claudio Fahey commented on HDFS-4685:
-

I will be traveling through Thursday and then on vacation through Monday 2/17. 
Email responses may be delayed.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-ACLs-Design-1.pdf, 
> HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-02-11 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898084#comment-13898084
 ] 

Chris Nauroth commented on HDFS-4685:
-

BTW, that merge patch includes one change that isn't yet committed to the 
feature branch: HDFS-5925.  It's very likely to go in soon, but I don't yet 
have +1 from a committer.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-4685.1.patch, HDFS-ACLs-Design-1.pdf, 
> HDFS-ACLs-Design-2.pdf, HDFS-ACLs-Design-3.pdf, 
> Test-Plan-for-Extended-Acls-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2014-01-23 Thread Sanjay Radia (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13880440#comment-13880440
 ] 

Sanjay Radia commented on HDFS-4685:


Comment on the the two alternatives for the default ACL proposals in the doc. 
Reproducing the text for convenience.

* *Umask-Default-ACL*: The default ACL of the parent is cloned to the ACL of 
the child at time of child creation.  For new child directories, the default 
ACL itself is also cloned, so that the same policy is applied to 
sub-directories of sub-directories.  Subsequent changes to the parent’s default 
ACL will set a different ACL for new children, but will not alter existing 
children.  This matches POSIX behavior.  If the administrator wants to change 
policy on the sub-tree later, then this is performed by inserting a new more 
restrictive ACL entry at the appropriate sub-tree root (see UC6) and may also 
need to  run a recursive ACL modification (analogous to chmod -R) since 
existing children are not effected by the new ACL.

* *Inherited-Default-ACL*: A child that does not have an ACL of its own 
inherits its ACL from the nearest ancestor that has defined a default ACL.  A 
child node that requires a different ACL can override the default (like the 
Umask-Default-ACL). Subsequent changes to the ancestor’s default ACL will cause 
all children that do not have an ACL to inherit the new ACL regardless of child 
creation time (unlike Umask-Default-ACL).   This model, like the ABAC ACLs (use 
case UC8), encourages the user to create fewer ACLs (typically on the root of 
specific subtrees) while the Posix-compliant Umask-Default-ACL is expected to 
results in larger number of ACLs in the system. It would also make a memory 
efficient implementation trivial. Note that this model is a deviation from 
POSIX behavior. 



Consider the following three sub use cases  here
4a) OpenUP child for wide access than the default.
4b) Restrict a child for narrower access than the default.
4c) Change the defaultAcl because you made a mistake originally.

Both models support use case 4a and 4b with equal ease. However, with the 
Inherited-Default-ACL, it is easy to identify children that have overridden the 
default-ACL - the existence of an ACL means that the user intended to override 
the default. Also 4c is a natural fit for Inherited-Default-ACL. For the 
UMask-Default-ACL, every child has an ACL and hence you have to walk down the 
subtree and compare the ACL with the default to see if the user had intended to 
override it.


I think the Inherited-Default-ACL is much better design but posix compliance 
may triumph and hence  am willing to go with UMask-Default-ACL.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf, HDFS-ACLs-Design-2.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-18 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13852294#comment-13852294
 ] 

Chris Nauroth commented on HDFS-4685:
-

I can loop back now on the question of using inode features vs. the custom data 
structure I described in the design doc.

The patch in HDFS-5658 implements the feature approach.  Development on this 
has come together much more quickly than the custom approach that I was 
starting in HDFS-5595.  In the final analysis, the custom approach is more 
compact than the feature approach, at least for the first 64511 distinct ACLs 
in a namesystem, which can be referenced via reuse of unused space in the 
permission bits.  Beyond that number, the savings vanish, because we need to 
start involving the INode ACL Map as an external data structure with per-inode 
pointer overhead.  The custom approach requires much more complex code compared 
to the feature approach.

At this point, the plan is to go with the feature approach.  Most importantly, 
the feature approach still has the characteristic that people who don't use 
ACLs at all won't take any extra per-inode memory hit in their deployments.  We 
can keep the design doc for the custom approach here as a back-pocket idea if 
we find we really need it, but at this point it would likely be premature 
optimization.

In the next revision of the design doc, I'll make the changes to state that 
this is implemented as an inode feature.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-04 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839139#comment-13839139
 ] 

Chris Nauroth commented on HDFS-4685:
-

Colin, thanks for taking a look.  You're correct that inode flattening/features 
is not mentioned anywhere in this revision of the design doc.  That's mostly 
because the inode flattening was being done concurrently while I was writing 
the doc, so it wasn't quite ready for consideration.

To compensate for this, I've structured the project plan so that the storage 
optimization work won't be done until late in the cycle.  HDFS-5595 is going to 
provide just the simplest possible implementation of an {{AclManager}}, so that 
we can proceed on implementing and testing the functionality.  Sub-tasks like 
HDFS-5620 start optimizing.  Before we start on that work though, we'll have 
several weeks to reconsider this part of the design, and specifically consider 
use of flattening/features.  By this time, we'll also have built up test suites 
on the functionality, and that's going to provide a safety net for 
experimentation in this area.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-04 Thread Colin Patrick McCabe (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839112#comment-13839112
 ] 

Colin Patrick McCabe commented on HDFS-4685:


Thanks for tackling this Chris.  it looks good overall.

Now that we have HDFS-5286 (flatten inode directory) in, doesn't it make sense 
to have the ACLs associated with an {{INode}} be stored as {{Features}}, rather 
than using a separate data structure? I didn't see any mention in the design 
doc-- maybe I missed it.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-04 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839104#comment-13839104
 ] 

Chris Nauroth commented on HDFS-4685:
-

1. Yes, extended attributes or labels would need to be added later as a 
separate feature.  If we ever decide to do that, then I expect a lot of the 
implementation details of ACLs could be generalized and lifted into the 
implementation of extended attributes.  (For example, I expect copy-on-write 
and the other storage optimizations discussed in the Persistence section would 
be applicable to an implementation of extended attributes too.)  The choice of 
which authorization mechanism to use (permission bits, ACLs, or ABAC if we ever 
implement it) is left to the end user.  If management of multiple mechanisms 
creates complexity, then the deployment may choose to use just one or the other 
exclusively.

2. The file owner is allowed to call setfacl.  Any user with read permissions 
on the file is allowed to call getfacl.  Additionally, the HDFS super-user is 
allowed to call setfacl and getfacl on any file.  This is equivalent to the 
current state of affairs with permission bits.  I'll add some text about this 
in the next revision of the design doc.  Thanks!


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-04 Thread Tianyou Li (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13838821#comment-13838821
 ] 

Tianyou Li commented on HDFS-4685:
--

After going through the design document, below questions are still unclear to 
me, could you please elaborate more?
1.  This proposal constructs file ACLs as a purpose specific extension of 
file permission bits but section UC8 mentions that support for attribute based 
security can be added later in a “backwards compatible way”. ABAC would seem to 
depend on the availability of a facility for labeling files, or a generic 
extended attributes feature with labels in extended attributes. Would EAs 
and/or labels need to be added later as a new separate feature? If so, then 
there could be two mechanisms for making authorization decisions: multiple ACLs 
and labels. That seems to increase the possibility of conflicting 
authorizations and complexity for the user.  How does the proposal handle this? 
2.  Separation of roles, in the design doc, it is unclear to me that who 
can call setacl/getacl. Resource owner might not be the role who can define 
security policies. If resource owner takes the arbitrary responsibility to 
maintain the access right in complex scenarios, it will be difficult to ensure 
global policies to avoid of information leak. could it be better if there is 
additional control?


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-03 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13838092#comment-13838092
 ] 

Chris Nauroth commented on HDFS-4685:
-

I've entered the sub-task break-down.  My own initial focus is going to be 
HDFS-5594 and HDFS-5595.  These two are pre-requisites for a lot of the other 
sub-tasks.  After that, it will be easier for multiple people to work in 
parallel across the various interfaces and NameNode implementation details.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-12-02 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13837009#comment-13837009
 ] 

Chris Nauroth commented on HDFS-4685:
-

I've created a new HDFS-4685 branch in Subversion:

http://svn.apache.org/viewvc/hadoop/common/branches/HDFS-4685/

Later today, I'll start entering sub-tasks for the development activity 
intended for this branch.


> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: New Feature
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
> Attachments: HDFS-ACLs-Design-1.pdf
>
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-11-21 Thread Uma Maheswara Rao G (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13828897#comment-13828897
 ] 

Uma Maheswara Rao G commented on HDFS-4685:
---

Hi Chris, I would like to know the status of this JIRA. Are you planning to 
implement this JIRA?

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: Improvement
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
>Priority: Minor
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

[jira] [Commented] (HDFS-4685) Implementation of ACLs in HDFS

2013-11-21 Thread Chris Nauroth (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-4685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13828969#comment-13828969
 ] 

Chris Nauroth commented on HDFS-4685:
-

Hi Uma.  Yes, I actually just started writing a design doc for extended ACLs a 
few days ago.  I expect I'll be ready to post it here within the next week or 
two.

> Implementation of ACLs in HDFS
> --
>
> Key: HDFS-4685
> URL: https://issues.apache.org/jira/browse/HDFS-4685
> Project: Hadoop HDFS
>  Issue Type: Improvement
>  Components: hdfs-client, namenode, security
>Affects Versions: 1.1.2
>Reporter: Sachin Jose
>Assignee: Chris Nauroth
>Priority: Minor
>
> Currenly hdfs doesn't support Extended file ACL. In unix extended ACL can be 
> achieved using getfacl and setfacl utilities. Is there anybody working on 
> this feature ?



--
This message was sent by Atlassian JIRA
(v6.1#6144)

39 matches

Mail list logo