You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Wei-Chiu Chuang (JIRA)" <ji...@apache.org> on 2018/05/02 20:54:00 UTC
[jira] [Created] (HDFS-13521) NFS Gateway should support
impersonation
Wei-Chiu Chuang created HDFS-13521:
--------------------------------------
Summary: NFS Gateway should support impersonation
Key: HDFS-13521
URL: https://issues.apache.org/jira/browse/HDFS-13521
Project: Hadoop HDFS
Issue Type: Bug
Reporter: Wei-Chiu Chuang
Similar to HDFS-10481, NFS gateway and httpfs are independent processes that accept client connections.
NFS Gateway currently solves file permission/ownership problem by running as HDFS super user, and then call setOwner() to change file owner.
This is not desirable.
# it adds additional RPC load to NameNode.
# this does not support at-rest encryption, because by design, HDFS super user cannot access KMS.
This is yet another problem around KMS ACL. [~xiaochen] [~rushabh.shah] thoughts?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-help@hadoop.apache.org