Daryn Sharp created HDFS-12907: ---------------------------------- Summary: Allow read-only access to reserved raw for non-superusers Key: HDFS-12907 URL: https://issues.apache.org/jira/browse/HDFS-12907 Project: Hadoop HDFS Issue Type: Bug Components: namenode Affects Versions: 2.6.0 Reporter: Daryn Sharp
HDFS-6509 added a special /.reserved/raw path prefix to access the raw file contents of EZ files. In the simplest sense it doesn't return the FE info in the {{LocatedBlocks}} so the dfs client doesn't try to decrypt the data. This facilitates allowing tools like distcp to copy raw bytes. Access to the raw hierarchy is restricted to superusers. This seems like an overly broad restriction designed to prevent non-admins from munging the EZ related xattrs. I believe we should relax the restriction to allow non-admins to perform read-only operations. Allowing non-superusers to easily read the raw bytes will be extremely useful for regular users, esp. for enabling webhdfs client-side encryption. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org