Hadoop: support acl (#4518)

juicedata · Mar 20, 2024 · 40241a7 · 40241a7
1 parent 551f3f6
commit 40241a7
Show file tree

Hide file tree

Showing 10 changed files with 2,165 additions and 9 deletions.
diff --git a/pkg/fs/fs.go b/pkg/fs/fs.go
@@ -20,6 +20,7 @@ import (
 	"bytes"
 	"context"
 	"fmt"
+	"github.com/juicedata/juicefs/pkg/acl"
 	"io"
 	"os"
 	"path"
@@ -86,6 +87,9 @@ func (fs *FileStat) Mode() os.FileMode {
 	if attr.Mode&01000 != 0 {
 		mode |= os.ModeSticky
 	}
+	if attr.AccessACL+attr.DefaultACL > 0 {
+		mode |= 1 << 18
+	}
 	switch attr.Typ {
 	case meta.TypeDirectory:
 		mode |= os.ModeDir
@@ -627,6 +631,48 @@ func (fs *FileSystem) RemoveXattr(ctx meta.Context, p string, name string) (err
 	return
 }
 
+func (fs *FileSystem) GetFacl(ctx meta.Context, p string, acltype uint8, rule *acl.Rule) (err syscall.Errno) {
+	defer trace.StartRegion(context.TODO(), "fs.GetFacl").End()
+	l := vfs.NewLogContext(ctx)
+	defer func() { fs.log(l, "GetFacl (%s,%d): %s", p, acltype, errstr(err)) }()
+	fi, err := fs.resolve(ctx, p, true)
+	if err != 0 {
+		return
+	}
+	err = fs.m.GetFacl(ctx, fi.inode, acltype, rule)
+	return
+}
+
+func (fs *FileSystem) SetFacl(ctx meta.Context, p string, acltype uint8, rule *acl.Rule) (err syscall.Errno) {
+	defer trace.StartRegion(context.TODO(), "fs.SetFacl").End()
+	l := vfs.NewLogContext(ctx)
+	defer func() {
+		fs.log(l, "SetFacl (%s,%d,%v): %s", p, acltype, rule, errstr(err))
+	}()
+	fi, err := fs.resolve(ctx, p, true)
+	if err != 0 {
+		return
+	}
+	if acltype == acl.TypeDefault && fi.Mode().IsRegular() {
+		if rule.IsEmpty() {
+			return
+		} else {
+			return syscall.ENOTSUP
+		}
+	}
+	if rule.IsEmpty() {
+		oldRule := acl.EmptyRule()
+		if err = fs.m.GetFacl(ctx, fi.inode, acltype, oldRule); err != 0 {
+			return err
+		}
+		rule.Owner = oldRule.Owner
+		rule.Other = oldRule.Other
+		rule.Group = oldRule.Group & oldRule.Mask
+	}
+	err = fs.m.SetFacl(ctx, fi.inode, acltype, rule)
+	return
+}
+
 func (fs *FileSystem) lookup(ctx meta.Context, parent Ino, name string, inode *Ino, attr *Attr) (err syscall.Errno) {
 	now := time.Now()
 	if fs.conf.DirEntryTimeout > 0 || fs.conf.EntryTimeout > 0 {

diff --git a/sdk/java/libjfs/main.go b/sdk/java/libjfs/main.go
@@ -31,6 +31,7 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"github.com/juicedata/juicefs/pkg/acl"
 	"io"
 	"net/http"
 	_ "net/http/pprof"
@@ -882,6 +883,71 @@ func jfs_removeXattr(pid int, h int64, path *C.char, name *C.char) int {
 	return errno(w.RemoveXattr(w.withPid(pid), C.GoString(path), C.GoString(name)))
 }
 
+//export jfs_getfacl
+func jfs_getfacl(pid int, h int64, path *C.char, acltype int, buf uintptr, blen int) int {
+	w := F(h)
+	if w == nil {
+		return EINVAL
+	}
+	rule := acl.EmptyRule()
+	err := w.GetFacl(w.withPid(pid), C.GoString(path), uint8(acltype), rule)
+	if err != 0 {
+		return errno(err)
+	}
+	wb := utils.NewNativeBuffer(toBuf(buf, blen))
+	wb.Put16(rule.Owner)
+	wb.Put16(rule.Group)
+	wb.Put16(rule.Other)
+	wb.Put16(rule.Mask)
+	wb.Put16(uint16(len(rule.NamedUsers)))
+	wb.Put16(uint16(len(rule.NamedGroups)))
+	var off uintptr = 12
+	for i, entry := range append(rule.NamedUsers, rule.NamedGroups...) {
+		var name string
+		if i < len(rule.NamedUsers) {
+			name = w.uid2name(entry.Id)
+		} else {
+			name = w.gid2name(entry.Id)
+		}
+		if wb.Left() < len(name)+1+2 {
+			return -100
+		}
+		wb.Put([]byte(name))
+		wb.Put8(0)
+		wb.Put16(entry.Perm)
+	}
+	return int(off)
+}
+
+//export jfs_setfacl
+func jfs_setfacl(pid int, h int64, path *C.char, acltype int, buf uintptr, alen int) int {
+	w := F(h)
+	if w == nil {
+		return EINVAL
+	}
+	rule := acl.EmptyRule()
+	r := utils.NewNativeBuffer(toBuf(buf, alen))
+	rule.Owner = r.Get16()
+	rule.Group = r.Get16()
+	rule.Other = r.Get16()
+	rule.Mask = r.Get16()
+	namedusers := r.Get16()
+	namedgroups := r.Get16()
+	for i := uint16(0); i < namedusers+namedgroups; i++ {
+		name := string(r.Get(int(r.Get8())))
+		var entry acl.Entry
+		entry.Perm = uint16(r.Get8())
+		if i < namedusers {
+			entry.Id = w.lookupUid(name)
+			rule.NamedUsers = append(rule.NamedUsers, entry)
+		} else {
+			entry.Id = w.lookupGid(name)
+			rule.NamedGroups = append(rule.NamedGroups, entry)
+		}
+	}
+	return errno(w.SetFacl(w.withPid(pid), C.GoString(path), uint8(acltype), rule))
+}
+
 //export jfs_readlink
 func jfs_readlink(pid int, h int64, link *C.char, buf uintptr, bufsize int) int {
 	w := F(h)

diff --git a/sdk/java/pom.xml b/sdk/java/pom.xml
@@ -42,6 +42,9 @@
 				<configuration>
 					<argLine>${argLine}</argLine>
 					<trimStackTrace>false</trimStackTrace>
+					<systemProperties>
+						<test.cache.data>${project.build.directory}/test-classes</test.cache.data>
+					</systemProperties>
 				</configuration>
 			</plugin>
 			<plugin>
@@ -217,6 +220,9 @@
 			<testResource>
 				<directory>conf</directory>
 			</testResource>
+			<testResource>
+				<directory>src/test/resources</directory>
+			</testResource>
 		</testResources>
 	</build>
 	<dependencies>