03-11-2015 05:34 AM
Hi All,
I'm on CDH 5.3 with Sentry enabled. I have a directory with permissions set as follows:
[root@node1 /]# h -getfacl /directory1 # file: /directory1 # owner: hive # group: hive user::rwx group::rwx other::--x group::CLIENTA:rwx default:user::rwx default:group::rwx default:group:CLIENTA:rwx default:mask::rwx default:other::---
if I put a file here it gets created with the below permissions.
[root@node1 /]# h -getfacl /directory1/test # file: /directory1/test # owner: client_user # group: hive user::rw- group::rwx #effective:r-- group:CLIENTA:rwx #effective:r-- mask::r-- other::---
and any directory I create looks like, which means the group can't write to this.
[root@node1 /]# h -getfacl /directory1/testd # file: /directory1/testd # owner: client_user # group: hive user::rwx group::rwx #effective:r-x group:CLIENTA:rwx #effective:r-x mask::r-x other::--- default:user::rwx default:group::rwx default:group:CLIENTA:rwx default:mask::rwx default:other::---
So the mask setting is not getting inherited, overriding the default ACLS I have set.
I am only using hdfs dfs commands.
Can anyone help me either avoid the mask being set like this, or ensure that the permissions are inherited?
Thanks!
06-24-2015 04:11 PM
04-18-2017 10:11 AM
Changing default umask through cloudera manager properties of HDFS from 022 to 002 helped out to get child dir inherit the permissions from parent dir.