Created 04-05-2017 01:51 PM
Hi All
How do i ensure that the child dir and files created by a member of a group having rwx permissions on hdfs have the same rwx permission as parent?
I tried chmod and acls both as suggested by apache and cloudera. All the new dirs created by a user in a group having permission to write are still having the r-x permissions instead of rwx which i want.
I have also enabled dfs.namenode.posix.acl.inheritance.enabled to true and dfs.permissions also to true as mentioned in https://issues.apache.org/jira/browse/HDFS-6962.
fs.permissions.umask-mode=000
dfs.umaskmode, fs.permissions.umask-mode=022
[root@dev ~]# id abhig
uid=515(abhig) gid=519(abhig) groups=519(abhig),525(low_priority),528(devgrp)
********************************************
[abhig@dev ~]$ hdfs dfs -setfacl -m default:group:devgrp:rwx /test
[abhig@dev ~]$ hdfs dfs -getfacl /test
# file: /test
# owner: abhig
# group: devgrp
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:devgrp:rwx
default:mask::rwx
default:other::r-x
********************************************
[abhig@dev ~]$ hdfs dfs -mkdir /test/tst1
[abhig@dev ~]$ hdfs dfs -getfacl /test/tst1
# file: /test/tst1
# owner: abhig
# group: devgrp
user::rwx
group::r-x
group:devgrp:rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:devgrp:rwx
default:mask::rwx
default:other::r-x
*********************************************
This doesn't help much
https://community.cloudera.com/t5/Storage-Random-Access-HDFS/HDFS-ACL-Inheritance/m-p/25494#M1092
Please give a workaround if any.
Created 04-18-2017 10:11 AM
Changing default umask through cloudera manager properties of HDFS from 022 to 002 helped out to get child dir inherit the permissions from parent dir.
Created 04-18-2017 10:11 AM
Changing default umask through cloudera manager properties of HDFS from 022 to 002 helped out to get child dir inherit the permissions from parent dir.
Created on 12-22-2017 08:39 AM - edited 12-22-2017 08:49 AM
Hi Folks,
if we change umask mode to 002 from 022 will fix this?
is there any version dependency? currently, we are in 5.9.0.
My question is for the directory, seems we are forcing to give write permissions to group by changing to 002?
directory:
022 - rwxr-xr-x
002 - rwxrwxr-w
File:
022- rw-r--r--
002 - rw-rw-r--
This is how much ACL on directory looks like, i have few groups that need only r-x, if we keep 002 will it get changed to rwx for group?
hdfs dfs -getfacl /test/ky/val/claim/version=xx/
# file: /test/ky/val/claim/version=xx
# owner: svc_ingest_t
# group: supergroup
user::rwx
user:hive:rwx
group::rwx
group:g_ingt_ba:r-x
group:g_ingt_bu:rwx
group:g_ingt_du:r-x
group:hive:rwx
mask::rwx
other::---
default:user::rwx
default:user:hive:rwx
default:group::rwx
default:group:g_ingt_ba:r-x
default:group:g_ingt_bu:rwx
default:group:g_du:r-x
default:group:hive:rwx
default:mask::rwx
default:other::---