Last active
October 28, 2018 01:10
-
-
Save dgadiraju/fed51f71eb1eb9a086eaefc03b3cd577 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hdfs dfs -touchz /user/cloudera/aclsfile.txt | |
#Create some test data in local file and append to aclsfile.txt as cloudera | |
#somedata contains output of hadoop fs -help | |
hadoop fs -help > somedata | |
hadoop fs -appendToFile somedata /user/cloudera/aclsfiledemo.txt | |
hadoop fs -setfacl -m user:itversity:rw- /user/cloudera/aclsfiledemo.txt | |
hadoop fs -getfacl /user/cloudera/aclsfiledemo.txt | |
#Now as itversity, you should be able to append data to aclsfiledemo.txt | |
hadoop fs -help > somedata | |
hadoop fs -appendToFile somedata /user/cloudera/aclsfiledemo.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Now let us see on a directory | |
hadoop fs -mkdir /user/cloudera/aclsdemo | |
hadoop fs -chmod 757 /user/cloudera/aclsdemo | |
#Any user on the system will be able to write to /user/cloudera/aclsdemo | |
#Using acls we can restrict write access to itversity but not demo | |
#First change the permssions back to 755 | |
hadoop fs -chmod 755 /user/cloudera/aclsdemo | |
hadoop fs -setfacl -m user:itversity:rwx /user/cloudera/aclsdemo | |
#Now user itversity should be able to copy files into the directory | |
#but not other users like demo | |
#We can give access to demo as well and check the acl details | |
hadoop fs -setfacl -m user:demo:rwx /user/cloudera/aclsdemo | |
hadoop fs -getfacl /user/cloudera/aclsdemo | |
#Default ACL | |
hadoop fs -setfacl -m default:other::--- /user/cloudera/aclsdemo | |
hadoop fs -getfacl /user/cloudera/aclsdemo | |
#We can use --set to override ACLs | |
hadoop fs -setfacl --set \ | |
user::rw-,user:itversity:rw-,user:demo:rw-,group::r--,other::r-- \ | |
/user/cloudera/aclsdemo.txt | |
hadoop fs -getfacl /user/cloudera/aclsdemo.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Access from a particular user or group can be removed using -x | |
hadoop fs -setfacl -x user:demo /user/cloudera/aclsdemo | |
hadoop fs -getfacl /user/cloudera/aclsdemo | |
#Using -b we can remove all ACLs that are added | |
hadoop fs -setfacl -b /user/cloudera/aclsdemo | |
hadoop fs -getfacl /user/cloudera/aclsdemo | |
#Remove Default ACL | |
hadoop fs -setfacl -k /user/cloudera/aclsdemo | |
hadoop fs -getfacl /user/cloudera/aclsdemo |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment