Skip to content

Instantly share code, notes, and snippets.

@dgadiraju
Last active October 28, 2018 01:10
Show Gist options
  • Save dgadiraju/fed51f71eb1eb9a086eaefc03b3cd577 to your computer and use it in GitHub Desktop.
Save dgadiraju/fed51f71eb1eb9a086eaefc03b3cd577 to your computer and use it in GitHub Desktop.
hdfs dfs -touchz /user/cloudera/aclsfile.txt
#Create some test data in local file and append to aclsfile.txt as cloudera
#somedata contains output of hadoop fs -help
hadoop fs -help > somedata
hadoop fs -appendToFile somedata /user/cloudera/aclsfiledemo.txt
hadoop fs -setfacl -m user:itversity:rw- /user/cloudera/aclsfiledemo.txt
hadoop fs -getfacl /user/cloudera/aclsfiledemo.txt
#Now as itversity, you should be able to append data to aclsfiledemo.txt
hadoop fs -help > somedata
hadoop fs -appendToFile somedata /user/cloudera/aclsfiledemo.txt
#Now let us see on a directory
hadoop fs -mkdir /user/cloudera/aclsdemo
hadoop fs -chmod 757 /user/cloudera/aclsdemo
#Any user on the system will be able to write to /user/cloudera/aclsdemo
#Using acls we can restrict write access to itversity but not demo
#First change the permssions back to 755
hadoop fs -chmod 755 /user/cloudera/aclsdemo
hadoop fs -setfacl -m user:itversity:rwx /user/cloudera/aclsdemo
#Now user itversity should be able to copy files into the directory
#but not other users like demo
#We can give access to demo as well and check the acl details
hadoop fs -setfacl -m user:demo:rwx /user/cloudera/aclsdemo
hadoop fs -getfacl /user/cloudera/aclsdemo
#Default ACL
hadoop fs -setfacl -m default:other::--- /user/cloudera/aclsdemo
hadoop fs -getfacl /user/cloudera/aclsdemo
#We can use --set to override ACLs
hadoop fs -setfacl --set \
user::rw-,user:itversity:rw-,user:demo:rw-,group::r--,other::r-- \
/user/cloudera/aclsdemo.txt
hadoop fs -getfacl /user/cloudera/aclsdemo.txt
#Access from a particular user or group can be removed using -x
hadoop fs -setfacl -x user:demo /user/cloudera/aclsdemo
hadoop fs -getfacl /user/cloudera/aclsdemo
#Using -b we can remove all ACLs that are added
hadoop fs -setfacl -b /user/cloudera/aclsdemo
hadoop fs -getfacl /user/cloudera/aclsdemo
#Remove Default ACL
hadoop fs -setfacl -k /user/cloudera/aclsdemo
hadoop fs -getfacl /user/cloudera/aclsdemo
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment