Hi All,
I'm on CDH 5.3 with Sentry enabled. I have a directory with permissions set as follows:
[root@node1 /]# h -getfacl /directory1
# file: /directory1
# owner: hive
# group: hive
user::rwx
group::rwx
other::--x
group::CLIENTA:rwx
default:user::rwx
default:group::rwx
default:group:CLIENTA:rwx
default:mask::rwx
default:other::---
if I put a file here it gets created with the below permissions.
[root@node1 /]# h -getfacl /directory1/test
# file: /directory1/test
# owner: client_user
# group: hive
user::rw-
group::rwx #effective:r--
group:CLIENTA:rwx #effective:r--
mask::r--
other::---
and any directory I create looks like, which means the group can't write to this.
[root@node1 /]# h -getfacl /directory1/testd
# file: /directory1/testd
# owner: client_user
# group: hive
user::rwx
group::rwx #effective:r-x
group:CLIENTA:rwx #effective:r-x
mask::r-x
other::---
default:user::rwx
default:group::rwx
default:group:CLIENTA:rwx
default:mask::rwx
default:other::---
So the mask setting is not getting inherited, overriding the default ACLS I have set.
I am only using hdfs dfs commands.
Can anyone help me either avoid the mask being set like this, or ensure that the permissions are inherited?
Thanks!
