You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Christos Bisias (Jira)" <ji...@apache.org> on 2023/11/02 17:20:00 UTC
[jira] [Updated] (HDDS-9610) Recursive fs delete on a Legacy bucket succeeds even if no keys were deleted
[ https://issues.apache.org/jira/browse/HDDS-9610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Christos Bisias updated HDDS-9610:
----------------------------------
Description:
For a Legacy bucket, recursive delete might appear successful even if no keys were actually deleted.
The issue can be reproduced in the docker dev env. Edit *docker-config* to enable native ACLs
{noformat}
OZONE-SITE.XML_ozone.acl.enabled=true
OZONE-SITE.XML_ozone.acl.authorizer.class=org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer{noformat}
Start the docker env and run the commands below
{code:java}
> docker-compose exec -T om ozone sh volume create /vol1
> docker-compose exec -T om ozone sh bucket create /vol1/bucket1 -l LEGACY
> docker-compose exec -T om ozone sh volume setacl -a user:testuser2:rw,user:testuser:a,group:testuser2:rw,group:testuser:a vol1
ACLs set successfully.
> docker-compose exec -T om ozone sh bucket setacl -a user:testuser2:rwlc,user:testuser:a,group:testuser2:rwlc,group:testuser:a vol1/bucket1
ACLs set successfully.
> docker-compose exec -T -u testuser om ozone fs -mkdir /vol1/bucket1/dir1
> docker-compose exec -T -u testuser om ozone fs -put ./README.md /vol1/bucket1/dir1/readme
> docker-compose exec -T -u testuser2 om ozone fs -rm -r -skipTrash /vol1/bucket1/dir1
Deleted /vol1/bucket1/dir1
> docker-compose exec -T -u testuser om ozone fs -ls /vol1/bucket1/dir1
Found 1 items
-rw-rw-rw- 3 testuser testuser 4068 2023-11-02 16:53 /vol1/bucket1/dir1/readme {code}
This is happening because in
*BasicRootedOzoneFileSystem* we are processing keys one by one and if there is a recursive flag, we ignore whether the key was deleted or not, just to continue with processing the next iteration. The result should be a success only if all keys were successfully deleted.
was:
For a Legacy bucket, recursive delete might appear successful even if no keys were actually deleted.
The issue can be reproduced in the docker dev env. Edit *docker-config* to enable native ACLs
{{}}
{noformat}
OZONE-SITE.XML_ozone.acl.enabled=true
OZONE-SITE.XML_ozone.acl.authorizer.class=org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer{noformat}
{{{}{}}}Start the docker env and run the commands below
{code:java}
> docker-compose exec -T om ozone sh volume create /vol1
> docker-compose exec -T om ozone sh bucket create /vol1/bucket1 -l LEGACY
> docker-compose exec -T om ozone sh volume setacl -a user:testuser2:rw,user:testuser:a,group:testuser2:rw,group:testuser:a vol1
ACLs set successfully.
> docker-compose exec -T om ozone sh bucket setacl -a user:testuser2:rwlc,user:testuser:a,group:testuser2:rwlc,group:testuser:a vol1/bucket1
ACLs set successfully.
> docker-compose exec -T -u testuser om ozone fs -mkdir /vol1/bucket1/dir1
> docker-compose exec -T -u testuser om ozone fs -put ./README.md /vol1/bucket1/dir1/readme
> docker-compose exec -T -u testuser2 om ozone fs -rm -r -skipTrash /vol1/bucket1/dir1
Deleted /vol1/bucket1/dir1
> docker-compose exec -T -u testuser om ozone fs -ls /vol1/bucket1/dir1
Found 1 items
-rw-rw-rw- 3 testuser testuser 4068 2023-11-02 16:53 /vol1/bucket1/dir1/readme {code}
This is happening because in
*BasicRootedOzoneFileSystem* we are processing keys one by one and if there is a recursive flag, we ignore whether the key was deleted or not, just to continue with processing the next iteration. The result should be a success only if all keys were successfully deleted.
> Recursive fs delete on a Legacy bucket succeeds even if no keys were deleted
> ----------------------------------------------------------------------------
>
> Key: HDDS-9610
> URL: https://issues.apache.org/jira/browse/HDDS-9610
> Project: Apache Ozone
> Issue Type: Bug
> Components: OFS, Ozone CLI
> Reporter: Christos Bisias
> Priority: Major
>
> For a Legacy bucket, recursive delete might appear successful even if no keys were actually deleted.
> The issue can be reproduced in the docker dev env. Edit *docker-config* to enable native ACLs
> {noformat}
> OZONE-SITE.XML_ozone.acl.enabled=true
> OZONE-SITE.XML_ozone.acl.authorizer.class=org.apache.hadoop.ozone.security.acl.OzoneNativeAuthorizer{noformat}
> Start the docker env and run the commands below
> {code:java}
> > docker-compose exec -T om ozone sh volume create /vol1
> > docker-compose exec -T om ozone sh bucket create /vol1/bucket1 -l LEGACY
> > docker-compose exec -T om ozone sh volume setacl -a user:testuser2:rw,user:testuser:a,group:testuser2:rw,group:testuser:a vol1
> ACLs set successfully.
> > docker-compose exec -T om ozone sh bucket setacl -a user:testuser2:rwlc,user:testuser:a,group:testuser2:rwlc,group:testuser:a vol1/bucket1
> ACLs set successfully.
> > docker-compose exec -T -u testuser om ozone fs -mkdir /vol1/bucket1/dir1
> > docker-compose exec -T -u testuser om ozone fs -put ./README.md /vol1/bucket1/dir1/readme
> > docker-compose exec -T -u testuser2 om ozone fs -rm -r -skipTrash /vol1/bucket1/dir1
> Deleted /vol1/bucket1/dir1
> > docker-compose exec -T -u testuser om ozone fs -ls /vol1/bucket1/dir1
> Found 1 items
> -rw-rw-rw- 3 testuser testuser 4068 2023-11-02 16:53 /vol1/bucket1/dir1/readme {code}
> This is happening because in
> *BasicRootedOzoneFileSystem* we are processing keys one by one and if there is a recursive flag, we ignore whether the key was deleted or not, just to continue with processing the next iteration. The result should be a success only if all keys were successfully deleted.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org