Gargi-jais11 commented on code in PR #9735:
URL: https://github.com/apache/ozone/pull/9735#discussion_r2851149527


##########
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/volume/StorageVolume.java:
##########
@@ -768,11 +781,31 @@ private static SpaceUsageCheckParams 
getSpaceUsageCheckParams(Builder b, Supplie
       throw new IOException("Unable to create the volume root dir at " + root);
     }
 
+    // Set permissions on volume root directory immediately after 
creation/check
+    // (for data volumes, we want to ensure the root has secure permissions,
+    // even if the directory already existed from a previous run)
+    // This follows the same pattern as metadata directories in 
getDirectoryFromConfig()
+    if (b.conf != null && root.exists() && 
HDDS_VOLUME_DIR.equals(b.getStorageDirStr())) {
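Review bot: the guard on the added `if` skips the permission step silently when `b.conf` is null, so a data volume built without a conf keeps whatever mode its root already had; a log line on that path, or a comment saying when `conf` can be null, would make that visible. The `root.exists()` term also sits directly after the block that throws `IOException("Unable to create the volume root dir at " + root)`, so if that block already guarantees the directory exists the extra check can be dropped. The code comment says "secure permissions" without naming the mode being applied; stating it there would help the next reader.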

Review Comment:
   1. Yes. Internal dirs and files (container dirs, yaml, db, block files, 
etc.) get their permissions from the process umask.
   Ozone uses mkdirs(), Files.createDirectories(), and normal file writes.
   No explicit permission flags are passed.
   
   2. How do we handle already-existing sub-dirs and sub-files with wrong 
permissions?
   We don’t. We only fix permissions on:
   
   - Volume root (e.g. /data/hdds1)
   - Storage dir (e.g. /data/hdds1/hdds)
   
   Why this is sufficient:
   Parent dirs (volume root and hdds) are set to 700.
   Children inherit from that; only the owner can traverse even though they 
have wrong permission.
   
   Suppose initially the volume and root dirs had 755 permissions and then we upgrade: 
the root and volume dir permissions will automatically be changed to 700, 
and that will safeguard all the sub dirs and files created 
before the upgrade.
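
The traversal argument in the comment above, as an added Java example (not code from the PR or from Ozone): path resolution needs search (x) permission on every directory leading to a file, so tightening only the two top directories cuts off access to children that still carry their old modes. The class name, the helper `othersCanRead` and the temp-directory layout are hypothetical; it assumes a POSIX file system and only looks at the "others" bits below the volume root.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class VolumeTraversalCheck {
  // True only if "others" may search every directory from root down to the
  // file's parent AND the file itself is readable by "others".
  static boolean othersCanRead(Path root, Path file) throws IOException {
    Path dir = root;
    for (Path part : root.relativize(file)) {
      Set<PosixFilePermission> perms = Files.getPosixFilePermissions(dir);
      if (!perms.contains(PosixFilePermission.OTHERS_EXECUTE)) {
        return false; // traversal stops here, deeper modes no longer matter
      }
      dir = dir.resolve(part);
    }
    return Files.getPosixFilePermissions(file)
        .contains(PosixFilePermission.OTHERS_READ);
  }

  public static void main(String[] args) throws IOException {
    // Constructed stand-in for /data/hdds1/hdds/<container>/<block file>.
    Path root = Files.createTempDirectory("hdds1");
    Path storageDir = root.resolve("hdds");
    Path container = Files.createDirectories(storageDir.resolve("container1"));
    Path block = Files.write(container.resolve("chunk.block"), new byte[] {1});

    // Pre-upgrade state: 755 directories, 644 file.
    Set<PosixFilePermission> p755 = PosixFilePermissions.fromString("rwxr-xr-x");
    for (Path d : new Path[] {root, storageDir, container}) {
      Files.setPosixFilePermissions(d, p755);
    }
    Files.setPosixFilePermissions(block, PosixFilePermissions.fromString("rw-r--r--"));
    System.out.println("before upgrade, others can read block: " + othersCanRead(root, block));

    // Post-upgrade state described in the comment: only root and storage dir become 700.
    Set<PosixFilePermission> p700 = PosixFilePermissions.fromString("rwx------");
    Files.setPosixFilePermissions(root, p700);
    Files.setPosixFilePermissions(storageDir, p700);
    System.out.println("after upgrade, others can read block: " + othersCanRead(root, block));
    System.out.println("container1 mode is still: "
        + PosixFilePermissions.toString(Files.getPosixFilePermissions(container)));
  }
}
```

The check models path-based access only: a process that opened a file or changed into a sub-directory before the modes were tightened keeps that handle.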
   


