You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by cn...@apache.org on 2014/02/21 07:29:52 UTC
svn commit: r1570466 - in
/hadoop/common/trunk/hadoop-common-project/hadoop-common: CHANGES.txt
src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
Author: cnauroth
Date: Fri Feb 21 06:29:52 2014
New Revision: 1570466
URL: http://svn.apache.org/r1570466
Log:
HADOOP-10352. Recursive setfacl erroneously attempts to apply default ACL to files. Contributed by Chris Nauroth.
Modified:
hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt?rev=1570466&r1=1570465&r2=1570466&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt Fri Feb 21 06:29:52 2014
@@ -326,6 +326,9 @@ Trunk (Unreleased)
HADOOP-10344. Fix TestAclCommands after merging HADOOP-10338 patch.
(cnauroth)
+ HADOOP-10352. Recursive setfacl erroneously attempts to apply default ACL to
+ files. (cnauroth)
+
OPTIMIZATIONS
HADOOP-7761. Improve the performance of raw comparisons. (todd)
Modified: hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java
URL: http://svn.apache.org/viewvc/hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java?rev=1570466&r1=1570465&r2=1570466&view=diff
==============================================================================
--- hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java (original)
+++ hadoop/common/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/shell/AclCommands.java Fri Feb 21 06:29:52 2014
@@ -22,6 +22,8 @@ import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
+import com.google.common.collect.Lists;
+
import org.apache.hadoop.HadoopIllegalArgumentException;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
@@ -231,6 +233,7 @@ class AclCommands extends FsCommand {
CommandFormat cf = new CommandFormat(0, Integer.MAX_VALUE, "b", "k", "R",
"m", "x", "-set");
List<AclEntry> aclEntries = null;
+ List<AclEntry> accessAclEntries = null;
@Override
protected void processOptions(LinkedList<String> args) throws IOException {
@@ -263,6 +266,19 @@ class AclCommands extends FsCommand {
if (args.size() > 1) {
throw new HadoopIllegalArgumentException("Too many arguments");
}
+
+ // In recursive mode, save a separate list of just the access ACL entries.
+ // Only directories may have a default ACL. When a recursive operation
+ // encounters a file under the specified path, it must pass only the
+ // access ACL entries.
+ if (isRecursive() && (oneModifyOption || setOption)) {
+ accessAclEntries = Lists.newArrayList();
+ for (AclEntry entry: aclEntries) {
+ if (entry.getScope() == AclEntryScope.ACCESS) {
+ accessAclEntries.add(entry);
+ }
+ }
+ }
}
@Override
@@ -272,11 +288,37 @@ class AclCommands extends FsCommand {
} else if (cf.getOpt("k")) {
item.fs.removeDefaultAcl(item.path);
} else if (cf.getOpt("m")) {
- item.fs.modifyAclEntries(item.path, aclEntries);
+ List<AclEntry> entries = getAclEntries(item);
+ if (!entries.isEmpty()) {
+ item.fs.modifyAclEntries(item.path, entries);
+ }
} else if (cf.getOpt("x")) {
- item.fs.removeAclEntries(item.path, aclEntries);
+ List<AclEntry> entries = getAclEntries(item);
+ if (!entries.isEmpty()) {
+ item.fs.removeAclEntries(item.path, entries);
+ }
} else if (cf.getOpt("-set")) {
- item.fs.setAcl(item.path, aclEntries);
+ List<AclEntry> entries = getAclEntries(item);
+ if (!entries.isEmpty()) {
+ item.fs.setAcl(item.path, entries);
+ }
+ }
+ }
+
+ /**
+ * Returns the ACL entries to use in the API call for the given path. For a
+ * recursive operation, returns all specified ACL entries if the item is a
+ * directory or just the access ACL entries if the item is a file. For a
+ * non-recursive operation, returns all specified ACL entries.
+ *
+ * @param item PathData path to check
+ * @return List<AclEntry> ACL entries to use in the API call
+ */
+ private List<AclEntry> getAclEntries(PathData item) {
+ if (isRecursive()) {
+ return item.stat.isDirectory() ? aclEntries : accessAclEntries;
+ } else {
+ return aclEntries;
}
}
}