big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HDFS-13505. Turn on HDFS ACLs by default. Contributed by Siyao Meng.

Browse Source
This commit is contained in:
Ayush Saxena 2019-08-13 19:17:10 +05:30
parent 3dc22d6ef1
commit e9b6b81de4
4 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
View File

@ -299,7 +299,7 @@ public class DFSConfigKeys extends CommonConfigurationKeys {
HdfsClientConfigKeys.DeprecatedKeys.DFS_PERMISSIONS_SUPERUSERGROUP_KEY; HdfsClientConfigKeys.DeprecatedKeys.DFS_PERMISSIONS_SUPERUSERGROUP_KEY;
public static final String DFS_PERMISSIONS_SUPERUSERGROUP_DEFAULT = "supergroup"; public static final String DFS_PERMISSIONS_SUPERUSERGROUP_DEFAULT = "supergroup";
public static final String DFS_NAMENODE_ACLS_ENABLED_KEY = "dfs.namenode.acls.enabled"; public static final String DFS_NAMENODE_ACLS_ENABLED_KEY = "dfs.namenode.acls.enabled";
public static final boolean DFS_NAMENODE_ACLS_ENABLED_DEFAULT = false; public static final boolean DFS_NAMENODE_ACLS_ENABLED_DEFAULT = true;
public static final String DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_KEY = public static final String DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_KEY =
"dfs.namenode.posix.acl.inheritance.enabled"; "dfs.namenode.posix.acl.inheritance.enabled";
public static final boolean public static final boolean

4
hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
View File

@ -510,10 +510,10 @@
<property> <property>
<name>dfs.namenode.acls.enabled</name> <name>dfs.namenode.acls.enabled</name>
<value>false</value> <value>true</value>
<description> <description>
Set to true to enable support for HDFS ACLs (Access Control Lists). By Set to true to enable support for HDFS ACLs (Access Control Lists). By
default, ACLs are disabled. When ACLs are disabled, the NameNode rejects default, ACLs are enabled. When ACLs are disabled, the NameNode rejects
all RPCs related to setting or getting ACLs. all RPCs related to setting or getting ACLs.
</description> </description>
</property> </property>

2
hadoop-hdfs-project/hadoop-hdfs/src/site/markdown/HdfsPermissionsGuide.md
View File

@ -319,7 +319,7 @@ Configuration Parameters
* `dfs.namenode.acls.enabled = true` * `dfs.namenode.acls.enabled = true`
Set to true to enable support for HDFS ACLs (Access Control Lists). By Set to true to enable support for HDFS ACLs (Access Control Lists). By
default, ACLs are disabled. When ACLs are disabled, the NameNode rejects default, ACLs are enabled. When ACLs are disabled, the NameNode rejects
all attempts to set an ACL. all attempts to set an ACL.
* `dfs.namenode.posix.acl.inheritance.enabled` * `dfs.namenode.posix.acl.inheritance.enabled`

5
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAclConfigFlag.java
View File

@ -160,10 +160,7 @@ private void expectException() {
private void initCluster(boolean format, boolean aclsEnabled) private void initCluster(boolean format, boolean aclsEnabled)
throws Exception { throws Exception {
Configuration conf = new Configuration(); Configuration conf = new Configuration();
// not explicitly setting to false, should be false by default conf.setBoolean(DFSConfigKeys.DFS_NAMENODE_ACLS_ENABLED_KEY, aclsEnabled);
if (aclsEnabled) {
conf.setBoolean(DFSConfigKeys.DFS_NAMENODE_ACLS_ENABLED_KEY, true);
}
cluster = new MiniDFSCluster.Builder(conf).numDataNodes(1).format(format) cluster = new MiniDFSCluster.Builder(conf).numDataNodes(1).format(format)
.build(); .build();
cluster.waitActive(); cluster.waitActive();