Reply
Highlighted
M.
New Contributor
Posts: 1
Registered: ‎05-05-2015

Setting an ACL for a user also changes group permissions

[ Edited ]

I have a directory:

 

700  userA  groupA  /foo/

 

If I grant userB access to /foo/ via an ACL using FileSystem.modifyAclEntries(<path to foo>, <list containing a single "r-x" entry for userB>) then the resulting file permissions are:

 

File Permission:

750  userA  groupA  /foo/

 

ACL entries (via FileSystem.getAclStatus(<path to foo>).getEntries()):

user:userB:r-x
group::---

 

Why is the group file permission getting set directly on the file and then removed in the ACL when I only specified changes for the user in the ACL? I am using CDH 5.1

Posts: 1,892
Kudos: 432
Solutions: 302
Registered: ‎07-31-2013

Re: Setting an ACL for a user also changes group permissions

Could you share a program/snippet that reproduces this? I'm not seeing similar behaviour on current versions:

 

~> sudo -u hdfs hadoop fs -mkdir /tmp/foo
~> sudo -u hdfs hadoop fs -chown userA:groupA /tmp/foo
~> sudo -u hdfs hadoop fs -chmod 700 /tmp/foo

 

~> sudo -u hdfs hadoop fs -getfacl /tmp/foo

# file: /tmp/foo

# owner: userA

# group: groupA

user::rwx

group::---

other::---


~> sudo -u hdfs hadoop fs -setfacl -m user:userB:r-x /tmp/foo

~> sudo -u hdfs hadoop fs -getfacl /tmp/foo

# file: /tmp/foo

# owner: userA

# group: groupA

user::rwx

user:userB:r-x

group::---

mask::r-x

other::---

 

~> sudo -u hdfs hadoop fs -ls -d /tmp/foo

drwxr-x---+  - userA groupA          0 2015-06-24 15:49 /tmp/foo

Announcements