sumitagrawl commented on code in PR #9735:
URL: https://github.com/apache/ozone/pull/9735#discussion_r2839165275
##########
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/volume/StorageVolume.java:
##########
@@ -768,11 +781,31 @@ private static SpaceUsageCheckParams
getSpaceUsageCheckParams(Builder b, Supplie
throw new IOException("Unable to create the volume root dir at " + root);
}
+ // Set permissions on volume root directory immediately after
creation/check
+ // (for data volumes, we want to ensure the root has secure permissions,
+ // even if the directory already existed from a previous run)
+ // This follows the same pattern as metadata directories in
getDirectoryFromConfig()
+ if (b.conf != null && root.exists() &&
HDDS_VOLUME_DIR.equals(b.getStorageDirStr())) {
Review Comment:
internal created dirs and files permission is to be controlled by umask
feature of linux, right?
OR are we passing permission flag for all files and directories already for
creation like container dir, yaml file, db file, and so on ?
How about handling permission for already created sub-dir and sub-files with
wrong permission ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
