8 سال پیش · 312e57b954
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
@@ -269,7 +269,7 @@ public class DFSConfigKeys extends CommonConfigurationKeys {
 
				   public static final String DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_KEY =
			
 
				       "dfs.namenode.posix.acl.inheritance.enabled";
			
 
				   public static final boolean
			
 
				-      DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_DEFAULT = false;
			
 
				+      DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_DEFAULT = true;
			
 
				   public static final String  DFS_NAMENODE_XATTRS_ENABLED_KEY = "dfs.namenode.xattrs.enabled";
			
 
				   public static final boolean DFS_NAMENODE_XATTRS_ENABLED_DEFAULT = true;
			
 
				   public static final String  DFS_ADMIN = "dfs.cluster.administrators";
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
@@ -459,7 +459,7 @@
 
				 
			
 
				   <property>
			
 
				     <name>dfs.namenode.posix.acl.inheritance.enabled</name>
			
 
				-    <value>false</value>
			
 
				+    <value>true</value>
			
 
				     <description>
			
 
				       Set to true to enable POSIX style ACL inheritance. When it is enabled
			
 
				       and the create request comes from a compatible client, the NameNode
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/site/markdown/HdfsPermissionsGuide.md
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/site/markdown/HdfsPermissionsGuide.md
@@ -322,7 +322,7 @@ Configuration Parameters
 
				 
			
 
				 *   `dfs.namenode.posix.acl.inheritance.enabled`
			
 
				 
			
 
				-    Set to true to enable POSIX style ACL inheritance. Disabled by default.
			
 
				+    Set to true to enable POSIX style ACL inheritance. Enabled by default.
			
 
				     When it is enabled and the create request comes from a compatible client,
			
 
				     the NameNode will apply default ACLs from the parent directory to
			
 
				     the create mode and ignore the client umask. If no default ACL is found,
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/cli/TestAclCLI.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/cli/TestAclCLI.java
@@ -34,6 +34,8 @@ public class TestAclCLI extends CLITestHelperDFS {
 
				 
			
 
				   protected void initConf() {
			
 
				     conf.setBoolean(DFSConfigKeys.DFS_NAMENODE_ACLS_ENABLED_KEY, true);
			
 
				+    conf.setBoolean(
			
 
				+        DFSConfigKeys.DFS_NAMENODE_POSIX_ACL_INHERITANCE_ENABLED_KEY, false);
			
 
				   }
			
 
				 
			
 
				   @Before
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/FSAclBaseTest.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/FSAclBaseTest.java
@@ -903,7 +903,7 @@ public abstract class FSAclBaseTest {
 
				     assertArrayEquals(new AclEntry[] {
			
 
				       aclEntry(ACCESS, USER, "foo", ALL),
			
 
				       aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
			
 
				-    assertPermission(filePath, (short)010640);
			
 
				+    assertPermission(filePath, (short)010660);
			
 
				     assertAclFeature(filePath, true);
			
 
				   }
			
 
				 
			
@@ -1003,7 +1003,7 @@ public abstract class FSAclBaseTest {
 
				       aclEntry(DEFAULT, GROUP, READ_EXECUTE),
			
 
				       aclEntry(DEFAULT, MASK, ALL),
			
 
				       aclEntry(DEFAULT, OTHER, NONE) }, returned);
			
 
				-    assertPermission(dirPath, (short)010750);
			
 
				+    assertPermission(dirPath, (short)010770);
			
 
				     assertAclFeature(dirPath, true);
			
 
				   }
			
 
				 
			
@@ -1120,7 +1120,7 @@ public abstract class FSAclBaseTest {
 
				     s = fs.getAclStatus(filePath);
			
 
				     returned = s.getEntries().toArray(new AclEntry[0]);
			
 
				     assertArrayEquals(expected, returned);
			
 
				-    assertPermission(filePath, (short)010640);
			
 
				+    assertPermission(filePath, (short)010660);
			
 
				     assertAclFeature(filePath, true);
			
 
				   }
			
 
				 
			
@@ -1149,7 +1149,7 @@ public abstract class FSAclBaseTest {
 
				     s = fs.getAclStatus(subdirPath);
			
 
				     returned = s.getEntries().toArray(new AclEntry[0]);
			
 
				     assertArrayEquals(expected, returned);
			
 
				-    assertPermission(subdirPath, (short)010750);
			
 
				+    assertPermission(subdirPath, (short)010770);
			
 
				     assertAclFeature(subdirPath, true);
			
 
				   }
			
 
				 
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSImageWithAcl.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestFSImageWithAcl.java
@@ -138,13 +138,15 @@ public class TestFSImageWithAcl {
 
				       aclEntry(DEFAULT, MASK, ALL),
			
 
				       aclEntry(DEFAULT, OTHER, READ_EXECUTE) };
			
 
				 
			
 
				+    short permExpected = (short)010775;
			
 
				+
			
 
				     AclEntry[] fileReturned = fs.getAclStatus(filePath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(fileExpected, fileReturned);
			
 
				     AclEntry[] subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				 
			
 
				     restart(fs, persistNamespace);
			
 
				 
			
@@ -154,7 +156,7 @@ public class TestFSImageWithAcl {
 
				     subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				 
			
 
				     aclSpec = Lists.newArrayList(aclEntry(DEFAULT, USER, "foo", READ_WRITE));
			
 
				     fs.modifyAclEntries(dirPath, aclSpec);
			
@@ -165,7 +167,7 @@ public class TestFSImageWithAcl {
 
				     subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				 
			
 
				     restart(fs, persistNamespace);
			
 
				 
			
@@ -175,7 +177,7 @@ public class TestFSImageWithAcl {
 
				     subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				 
			
 
				     fs.removeAcl(dirPath);
			
 
				 
			
@@ -185,7 +187,7 @@ public class TestFSImageWithAcl {
 
				     subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				 
			
 
				     restart(fs, persistNamespace);
			
 
				 
			
@@ -195,7 +197,7 @@ public class TestFSImageWithAcl {
 
				     subdirReturned = fs.getAclStatus(subdirPath).getEntries()
			
 
				       .toArray(new AclEntry[0]);
			
 
				     Assert.assertArrayEquals(subdirExpected, subdirReturned);
			
 
				-    assertPermission(fs, subdirPath, (short)010755);
			
 
				+    assertPermission(fs, subdirPath, permExpected);
			
 
				   }
			
 
				 
			
 
				   @Test