hadoop-common-issues mailing list archives

From "Sanjay Radia (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10919) Copy command should preserve raw.* namespace extended attributes
Date Wed, 13 Aug 2014 04:57:12 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14095149#comment-14095149 ]

Sanjay Radia commented on HADOOP-10919:
---------------------------------------

Charles, let's enumerate the distcp use cases. Here is my first draft. For some of the use
cases below I propose possible desirable outcomes, but these outcomes can be debated separately
from the use cases. (EZ = encryption zone.)
# Neither the src subtree nor the dst subtree has an EZ. Easy, same as today.
# The src subtree has no EZ, but the dest has an EZ in a portion of its subtree. Possible outcomes:
## If the user performing the operation has permissions in the dest EZ, then the files within
the dest EZ subtree are encrypted.
## If the user does not (say, an admin), what do we expect to happen?
# The src subtree has an EZ but the dest does not. Possible outcomes:
## Files are copied as encrypted but cannot be decrypted at the dest, since it does not have
an EZ. Useful as a backup.
## Files are copied as encrypted and a matching EZ is created automatically. Can an admin do
this operation, since he does not have access to the keys?
## Throw an error that can be overridden by a flag, in which case the files are decrypted and
the copies in the dest are left decrypted. This only works if the user has permissions for
decryption; an admin cannot do this.
# Both src and dest have an EZ at exactly the same part of the subtree. Possible outcomes:
## If the user has permission to decrypt and encrypt, then the data is copied and encryption
is redone with new keys.
## If the user does not have permission, then what? Fail, or copy as raw?
# Both src and dest have an EZ at different parts of the subtree. This should reduce to case
2 or 3.
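
To make the enumeration above easier to debate, here is a minimal Python sketch that maps a
src/dest pair onto the use case numbers in the list. It is only an illustration, not distcp
code: the function name and its parameters are hypothetical, and it assumes at most one EZ per
subtree, identified by its path relative to the root of the copied subtree (None meaning no EZ).

```python
from typing import Optional


def classify_use_case(src_ez: Optional[str], dst_ez: Optional[str]) -> int:
    """Return the use case number (1-5) from the list above.

    src_ez / dst_ez are hypothetical inputs: the location of the encryption
    zone relative to the root of the copied subtree, or None if the subtree
    contains no EZ. Real subtrees may hold several zones; this sketch
    assumes at most one on each side.
    """
    if src_ez is None and dst_ez is None:
        return 1  # no EZ on either side: same as today
    if src_ez is None:
        return 2  # only the dest has an EZ
    if dst_ez is None:
        return 3  # only the src has an EZ
    if src_ez == dst_ez:
        return 4  # EZ at exactly the same part of the subtree
    return 5      # EZs at different parts; expected to reduce to case 2 or 3


if __name__ == "__main__":
    print(classify_use_case(None, "secure"))  # only the dest has an EZ
```

The outcome within each case (encrypt, copy as raw, fail) is deliberately left out, since that
is the part still open for discussion.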


For each of the above, distcp can either do the right thing automatically, or we can force
the user to explicitly submit /r/r/path (i.e. /.reserved/raw/path) as appropriate. Let's
explore both approaches and see which one works better.



> Copy command should preserve raw.* namespace extended attributes
> ----------------------------------------------------------------
>
>                 Key: HADOOP-10919
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10919
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: fs
>    Affects Versions: 3.0.0
>            Reporter: Charles Lamb
>            Assignee: Charles Lamb
>             Fix For: fs-encryption (HADOOP-10150 and HDFS-6134)
>
>         Attachments: HADOOP-10919.001.patch, HADOOP-10919.002.patch
>
>
> Refer to the doc attached to HDFS-6509 for background.
> Like distcp -p (see MAPREDUCE-6007), the copy command also needs to preserve extended
> attributes in the raw.* namespace by default whenever the src and target are in /.reserved/raw.
> To not preserve raw xattrs, don't specify /.reserved/raw in either the src or target.
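
The rule in the issue description can be sketched as a simple path check. This is a hedged
illustration in Python, not the actual Hadoop implementation: the helper names are hypothetical,
paths are assumed to be plain absolute paths without a scheme or authority, and the mixed case
(only one side under /.reserved/raw) is treated here as "do not preserve", which is an
assumption.

```python
import posixpath

RAW_PREFIX = "/.reserved/raw"


def is_raw_path(path: str) -> bool:
    """True if path is /.reserved/raw itself or lies underneath it."""
    normalized = posixpath.normpath(path)
    return normalized == RAW_PREFIX or normalized.startswith(RAW_PREFIX + "/")


def preserves_raw_xattrs(src: str, dst: str) -> bool:
    """Preserve raw.* xattrs only when both src and target are raw paths.

    Assumption: if only one side is under /.reserved/raw, nothing in the
    raw.* namespace is preserved.
    """
    return is_raw_path(src) and is_raw_path(dst)


if __name__ == "__main__":
    print(preserves_raw_xattrs("/.reserved/raw/src", "/.reserved/raw/dst"))
    print(preserves_raw_xattrs("/src", "/.reserved/raw/dst"))
```

Normalizing before comparing keeps a look-alike such as /.reserved/rawdata from being treated
as a raw path.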



--
This message was sent by Atlassian JIRA
(v6.2#6252)
