Setting File and Directory ACEs
Describes how to set ACEs for files and directories.
For files and directories, run the hadoop
mfs command to set Access Control Expression (ACE)s. After ACEs are set, by default, the corresponding
POSIX mode bits are also set. POSIX mode bits for owner and owning group are deduced by
evaluating the corresponding ACEs. POSIX mode bits for others is set only if "p"
is given as the value for
an ACE.
The following table lists POSIX mode bits and corresponding access types.
ACE | POSIX Mode Bits | |
---|---|---|
File | readfile |
r |
writefile |
w | |
executefile |
x | |
Directory | readdir |
r |
addchild |
w | |
deletechild |
w | |
lookupdir |
x |
The POSIX mode bit that grants write (w
) access to a directory is set only
if the user, role, or group is granted permission for both access types
(addchild
and deletechild
).
The hadoop command, by default, sets the POSIX mode bits that correspond to the given ACEs, and:
- Overwrites existing ACE values with new values, if specified, for access types that were previously set.
- Sets ACE values for access types that have not yet been set, if specified.
- Does not modify access types that are not specified with the command, regardless of how they were previously set.