28730
DISCUSSIONS
101735
MEMBERS
3157
ARTICLES
Hi All,
I'm on CDH 5.3 with Sentry enabled. I have a directory with permissions set as follows:
[root@node1 /]# h -getfacl /directory1 # file: /directory1 # owner: hive # group: hive user::rwx group::rwx other::--x group::CLIENTA:rwx default:user::rwx default:group::rwx default:group:CLIENTA:rwx default:mask::rwx default:other::---
if I put a file here it gets created with the below permissions.
[root@node1 /]# h -getfacl /directory1/test # file: /directory1/test # owner: client_user # group: hive user::rw- group::rwx #effective:r-- group:CLIENTA:rwx #effective:r-- mask::r-- other::---
and any directory I create looks like, which means the group can't write to this.
[root@node1 /]# h -getfacl /directory1/testd # file: /directory1/testd # owner: client_user # group: hive user::rwx group::rwx #effective:r-x group:CLIENTA:rwx #effective:r-x mask::r-x other::--- default:user::rwx default:group::rwx default:group:CLIENTA:rwx default:mask::rwx default:other::---
So the mask setting is not getting inherited, overriding the default ACLS I have set.
I am only using hdfs dfs commands.
Can anyone help me either avoid the mask being set like this, or ensure that the permissions are inherited?
Thanks!