HIVE-8791 - Hive permission inheritance throws exception S3 (Szehon v…

…ia Brock) git-svn-id: https://svn.apache.org/repos/asf/hive/trunk@1639108 13f79535-47bb-0310-9956-ffa450edef68
akitanaka · Nov 12, 2014 · 6060200 · 6060200
1 parent bce8c2b
commit 6060200
Showing 1 changed file with 26 additions and 14 deletions.
diff --git a/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java b/shims/0.23/src/main/java/org/apache/hadoop/hive/shims/Hadoop23Shims.java
@@ -551,7 +551,13 @@ public HdfsFileStatus getFullFileStatus(Configuration conf, FileSystem fs,
     FileStatus fileStatus = fs.getFileStatus(file);
     AclStatus aclStatus = null;
     if (isExtendedAclEnabled(conf)) {
-      aclStatus = fs.getAclStatus(file);
+      //Attempt extended Acl operations only if its enabled, but don't fail the operation regardless.
+      try {
+        aclStatus = fs.getAclStatus(file);
+      } catch (Exception e) {
+        LOG.info("Skipping ACL inheritance: File system for path " + file + " " +
+                "does not support ACLs but dfs.namenode.acls.enabled is set to true: " + e, e);
+      }
     }
     return new Hadoop23FileStatus(fileStatus, aclStatus);
   }
@@ -567,19 +573,25 @@ public void setFullFileStatus(Configuration conf, HdfsFileStatus sourceStatus,
       run(fsShell, new String[]{"-chgrp", "-R", group, target.toString()});
 
       if (isExtendedAclEnabled(conf)) {
-        AclStatus aclStatus = ((Hadoop23FileStatus) sourceStatus).getAclStatus();
-        List<AclEntry> aclEntries = aclStatus.getEntries();
-        removeBaseAclEntries(aclEntries);
-
-        //the ACL api's also expect the tradition user/group/other permission in the form of ACL
-        FsPermission sourcePerm = sourceStatus.getFileStatus().getPermission();
-        aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.USER, sourcePerm.getUserAction()));
-        aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.GROUP, sourcePerm.getGroupAction()));
-        aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.OTHER, sourcePerm.getOtherAction()));
-
-        //construct the -setfacl command
-        String aclEntry = Joiner.on(",").join(aclStatus.getEntries());
-        run(fsShell, new String[]{"-setfacl", "-R", "--set", aclEntry, target.toString()});
+        //Attempt extended Acl operations only if its enabled, 8791but don't fail the operation regardless.
+        try {
+          AclStatus aclStatus = ((Hadoop23FileStatus) sourceStatus).getAclStatus();
+          List<AclEntry> aclEntries = aclStatus.getEntries();
+          removeBaseAclEntries(aclEntries);
+
+          //the ACL api's also expect the tradition user/group/other permission in the form of ACL
+          FsPermission sourcePerm = sourceStatus.getFileStatus().getPermission();
+          aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.USER, sourcePerm.getUserAction()));
+          aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.GROUP, sourcePerm.getGroupAction()));
+          aclEntries.add(newAclEntry(AclEntryScope.ACCESS, AclEntryType.OTHER, sourcePerm.getOtherAction()));
+
+          //construct the -setfacl command
+          String aclEntry = Joiner.on(",").join(aclStatus.getEntries());
+          run(fsShell, new String[]{"-setfacl", "-R", "--set", aclEntry, target.toString()});
+        } catch (Exception e) {
+          LOG.info("Skipping ACL inheritance: File system for path " + target + " " +
+                  "does not support ACLs but dfs.namenode.acls.enabled is set to true: " + e, e);
+        }
       } else {
         String permission = Integer.toString(sourceStatus.getFileStatus().getPermission().toShort(), 8);
         run(fsShell, new String[]{"-chmod", "-R", permission, target.toString()});