subject:"\[jira\] \[Commented\] \(HDFS\-8040\) Able to move encryption zone to Trash"

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

2015-04-01 Thread Xiaoyu Yao (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-8040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14391705#comment-14391705
 ] 

Xiaoyu Yao commented on HDFS-8040:
--

Thanks [~clamb] for the explanation. That makes more sense to me now. 

> Able to move encryption zone to Trash
> -
>
> Key: HDFS-8040
> URL: https://issues.apache.org/jira/browse/HDFS-8040
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: security
>Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>Reporter: Sumana Sathish
>
> Users can remove encryption directory using the FsShell remove commands 
> without -skipTrash option.
> {code}
> /usr/hdp/current/hadoop-hdfs-client/bin/hdfs dfs -D "fs.trash.interval=60" 
> -rm -r /user/hrt_qa/encryptionZone_1
> 2015-04-01 
> 19:19:46,510|beaver.machine|INFO|654|140309507495680|MainThread|15/04/01 
> 19:19:46 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion 
> interval = 360 minutes, Emptier interval = 0 minutes.
> 2015-04-01 
> 19:19:46,534|beaver.machine|INFO|654|140309507495680|MainThread|Moved: 
> 'hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/encryptionZone_1' to 
> trash at: hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,863|test_TDE_trash|INFO|654|140309507495680|MainThread|Checking if 
> the encryption zone is in Trash or not
> 2015-04-01 
> 19:19:46,864|beaver.machine|INFO|654|140309507495680|MainThread|RUNNING: 
> /usr/hdp/current/hadoop-client/bin/hadoop dfs -ls -R 
> /user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,892|beaver.machine|INFO|654|140309507495680|MainThread|DEPRECATED: 
> Use of this script to execute hdfs command is deprecated.
> 2015-04-01 
> 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|Instead use 
> the hdfs command for it.
> 2015-04-01 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|
> 2015-04-01 
> 19:19:50,289|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 /user/hrt_qa/.Trash/Current/user
> 2015-04-01 
> 19:19:50,292|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa
> 2015-04-01 
> 19:19:50,296|beaver.machine|INFO|654|140309507495680|MainThread|drwxr-xr-x   
> - hrt_qa hrt_qa  0 2015-04-01 19:19  
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1 
> 2015-04-01 
> 19:19:50,326|beaver.machine|INFO|654|140309507495680|MainThread|-rw-r--r--   
> 3 hrt_qa hrt_qa   3273 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1/file_to_get.txt
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

2015-04-01 Thread Charles Lamb (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-8040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14391656#comment-14391656
 ] 

Charles Lamb commented on HDFS-8040:


[~xyao], [~ssath...@hortonworks.com],

This is actually correct behavior. If you have an EZ rooted at 
/user/hrt_qa/encryptionZone_1, it is ok to be able to move around an entire ez 
to another directory, in this case /user/hrt_qa/encryptionZone_1. That's what 
HDFS-7530 fixed. Hence, the -rm -r command is effectively a rename of 
/user/hrt_qa/encryptionZone_1 to /user/hrt_qa/.Trash/Current. Since you're 
picking up the entire EZ, that's allowed.

Does this make sense?


> Able to move encryption zone to Trash
> -
>
> Key: HDFS-8040
> URL: https://issues.apache.org/jira/browse/HDFS-8040
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: security
>Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>Reporter: sumana sathish
>
> Users can remove encryption directory using the FsShell remove commands 
> without -skipTrash option.
> {code}
> /usr/hdp/current/hadoop-hdfs-client/bin/hdfs dfs -D "fs.trash.interval=60" 
> -rm -r /user/hrt_qa/encryptionZone_1
> 2015-04-01 
> 19:19:46,510|beaver.machine|INFO|654|140309507495680|MainThread|15/04/01 
> 19:19:46 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion 
> interval = 360 minutes, Emptier interval = 0 minutes.
> 2015-04-01 
> 19:19:46,534|beaver.machine|INFO|654|140309507495680|MainThread|Moved: 
> 'hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/encryptionZone_1' to 
> trash at: hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,863|test_TDE_trash|INFO|654|140309507495680|MainThread|Checking if 
> the encryption zone is in Trash or not
> 2015-04-01 
> 19:19:46,864|beaver.machine|INFO|654|140309507495680|MainThread|RUNNING: 
> /usr/hdp/current/hadoop-client/bin/hadoop dfs -ls -R 
> /user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,892|beaver.machine|INFO|654|140309507495680|MainThread|DEPRECATED: 
> Use of this script to execute hdfs command is deprecated.
> 2015-04-01 
> 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|Instead use 
> the hdfs command for it.
> 2015-04-01 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|
> 2015-04-01 
> 19:19:50,289|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 /user/hrt_qa/.Trash/Current/user
> 2015-04-01 
> 19:19:50,292|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa
> 2015-04-01 
> 19:19:50,296|beaver.machine|INFO|654|140309507495680|MainThread|drwxr-xr-x   
> - hrt_qa hrt_qa  0 2015-04-01 19:19  
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1 
> 2015-04-01 
> 19:19:50,326|beaver.machine|INFO|654|140309507495680|MainThread|-rw-r--r--   
> 3 hrt_qa hrt_qa   3273 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1/file_to_get.txt
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

2015-04-01 Thread Xiaoyu Yao (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-8040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14391460#comment-14391460
 ] 

Xiaoyu Yao commented on HDFS-8040:
--

[~clamb], I was able to repro this on latest trunk. Check the code and found 
this is introduced by HDFS-7530. "Allow renaming of encryption zone roots. " 

{code}
EncryptionZoneManager#checkMoveValidity()
...
   if (srcEZI.getINodeId() == srcIIP.getLastINode().getId()) {
  // src is ez root and dest is not in an ez. Allow the rename.
  return;
}

{code}


> Able to move encryption zone to Trash
> -
>
> Key: HDFS-8040
> URL: https://issues.apache.org/jira/browse/HDFS-8040
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: security
>Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>Reporter: sumana sathish
>
> Users can remove encryption directory using the FsShell remove commands 
> without -skipTrash option.
> {code}
> /usr/hdp/current/hadoop-hdfs-client/bin/hdfs dfs -D "fs.trash.interval=60" 
> -rm -r /user/hrt_qa/encryptionZone_1
> 2015-04-01 
> 19:19:46,510|beaver.machine|INFO|654|140309507495680|MainThread|15/04/01 
> 19:19:46 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion 
> interval = 360 minutes, Emptier interval = 0 minutes.
> 2015-04-01 
> 19:19:46,534|beaver.machine|INFO|654|140309507495680|MainThread|Moved: 
> 'hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/encryptionZone_1' to 
> trash at: hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,863|test_TDE_trash|INFO|654|140309507495680|MainThread|Checking if 
> the encryption zone is in Trash or not
> 2015-04-01 
> 19:19:46,864|beaver.machine|INFO|654|140309507495680|MainThread|RUNNING: 
> /usr/hdp/current/hadoop-client/bin/hadoop dfs -ls -R 
> /user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,892|beaver.machine|INFO|654|140309507495680|MainThread|DEPRECATED: 
> Use of this script to execute hdfs command is deprecated.
> 2015-04-01 
> 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|Instead use 
> the hdfs command for it.
> 2015-04-01 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|
> 2015-04-01 
> 19:19:50,289|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 /user/hrt_qa/.Trash/Current/user
> 2015-04-01 
> 19:19:50,292|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa
> 2015-04-01 
> 19:19:50,296|beaver.machine|INFO|654|140309507495680|MainThread|drwxr-xr-x   
> - hrt_qa hrt_qa  0 2015-04-01 19:19  
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1 
> 2015-04-01 
> 19:19:50,326|beaver.machine|INFO|654|140309507495680|MainThread|-rw-r--r--   
> 3 hrt_qa hrt_qa   3273 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1/file_to_get.txt
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

2015-04-01 Thread Charles Lamb (JIRA)


[ 
https://issues.apache.org/jira/browse/HDFS-8040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14391411#comment-14391411
 ] 

Charles Lamb commented on HDFS-8040:


Hi [~ssath...@hortonworks.com],

I tried reproducing this:

{code}
[cwl@localhost hadoop]$ hdfs crypto -listZones
/ez  mykey 
[cwl@localhost hadoop]$ hdfs dfs -ls /
Found 1 items
drwxr-xr-x   - cwl supergroup  0 2015-04-01 15:41 /ez
[cwl@localhost hadoop]$ hdfs dfs -ls /ez
Found 1 items
-rw-r--r--   3 cwl supergroup158 2015-04-01 15:41 /ez/hosts
[cwl@localhost hadoop]$ hdfs dfs -D "fs.trash.interval=60" -rm -r /ez
15/04/01 16:41:15 INFO fs.TrashPolicyDefault: Namenode trash configuration: 
Deletion interval = 60 minutes, Emptier interval = 0 minutes.
rm: Failed to move to trash: hdfs://localhost/ez: /ez can't be moved from an 
encryption zone.
[cwl@localhost hadoop]$ hdfs dfs -ls -R /
drwxr-xr-x   - cwl supergroup  0 2015-04-01 15:41 /ez
-rw-r--r--   3 cwl supergroup158 2015-04-01 15:41 /ez/hosts
drwx--   - cwl supergroup  0 2015-04-01 16:41 /user
drwx--   - cwl supergroup  0 2015-04-01 16:41 /user/cwl
drwx--   - cwl supergroup  0 2015-04-01 16:41 /user/cwl/.Trash
drwx--   - cwl supergroup  0 2015-04-01 16:41 
/user/cwl/.Trash/Current
[cwl@localhost hadoop]$ hdfs dfs -ls -R /user/cwl/.Trash
drwx--   - cwl supergroup  0 2015-04-01 16:41 
/user/cwl/.Trash/Current
[cwl@localhost hadoop]$ hdfs dfs -ls -R /user/cwl/.Trash/Current
{code}

Do you see any difference between what you did and what I did?


> Able to move encryption zone to Trash
> -
>
> Key: HDFS-8040
> URL: https://issues.apache.org/jira/browse/HDFS-8040
> Project: Hadoop HDFS
>  Issue Type: Bug
>  Components: security
>Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
>Reporter: sumana sathish
>
> Users can remove encryption directory using the FsShell remove commands 
> without -skipTrash option.
> {code}
> /usr/hdp/current/hadoop-hdfs-client/bin/hdfs dfs -D "fs.trash.interval=60" 
> -rm -r /user/hrt_qa/encryptionZone_1
> 2015-04-01 
> 19:19:46,510|beaver.machine|INFO|654|140309507495680|MainThread|15/04/01 
> 19:19:46 INFO fs.TrashPolicyDefault: Namenode trash configuration: Deletion 
> interval = 360 minutes, Emptier interval = 0 minutes.
> 2015-04-01 
> 19:19:46,534|beaver.machine|INFO|654|140309507495680|MainThread|Moved: 
> 'hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/encryptionZone_1' to 
> trash at: hdfs://sumana-dal-secure-4.novalocal:8020/user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,863|test_TDE_trash|INFO|654|140309507495680|MainThread|Checking if 
> the encryption zone is in Trash or not
> 2015-04-01 
> 19:19:46,864|beaver.machine|INFO|654|140309507495680|MainThread|RUNNING: 
> /usr/hdp/current/hadoop-client/bin/hadoop dfs -ls -R 
> /user/hrt_qa/.Trash/Current
> 2015-04-01 
> 19:19:46,892|beaver.machine|INFO|654|140309507495680|MainThread|DEPRECATED: 
> Use of this script to execute hdfs command is deprecated.
> 2015-04-01 
> 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|Instead use 
> the hdfs command for it.
> 2015-04-01 19:19:46,893|beaver.machine|INFO|654|140309507495680|MainThread|
> 2015-04-01 
> 19:19:50,289|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 /user/hrt_qa/.Trash/Current/user
> 2015-04-01 
> 19:19:50,292|beaver.machine|INFO|654|140309507495680|MainThread|drwx--   
> - hrt_qa hrt_qa  0 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa
> 2015-04-01 
> 19:19:50,296|beaver.machine|INFO|654|140309507495680|MainThread|drwxr-xr-x   
> - hrt_qa hrt_qa  0 2015-04-01 19:19  
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1 
> 2015-04-01 
> 19:19:50,326|beaver.machine|INFO|654|140309507495680|MainThread|-rw-r--r--   
> 3 hrt_qa hrt_qa   3273 2015-04-01 19:19 
> /user/hrt_qa/.Trash/Current/user/hrt_qa/encryptionZone_1/file_to_get.txt
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

[jira] [Commented] (HDFS-8040) Able to move encryption zone to Trash

4 matches

Site Navigation

Mail list logo

Footer information