write permission for group is not inheriting in hadoop using default acl

Question

created sale directory under / in hadoop (hdfs)

[hdfs@vm1 ~]$ hadoop fs -mkdir /sale

It got 755(rwxr-xr-x) permission as below

[hdfs@vm1 ~]$ hadoop fs -ls /

drwxr-xr-x - hdfs supergroup 0 2015-04-11 18:12 /sale

Now we are trying to set default acl, so that further directories created in sale directory inherit the acl permissions set on sale directory

[hdfs@vm1 ~]$ hadoop fs -setfacl -m default:user::rwx,default:group::rwx,default:other::--- /sale

[hdfs@vm1 ~]$ hadoop fs -ls /

drwxr-xr-x+ - hdfs supergroup 0 2015-04-11 18:12 /sale

plus sign + denotes that default acl has been set on directory

[hdfs@vm1 ~]$ hadoop fs -getfacl /sale

file: /sale

owner: hdfs

group: supergroup

user::rwx

group::r-x

other::r-x

default:user::rwx

default:group::rwx

default:other::---

Now we are creating a directory under sale to check if the permission are getting inherited as set by setfacl command, but we are seeing that instead of 770(rwxrwx---) permission its getting set as 750(rwxr-x---). Means we are not able to set write permission on group level in hadoop

[hdfs@vm1 ~]$ hadoop fs -mkdir /sale/dir1

[hdfs@vm1 ~]$ hadoop fs -ls /sale/

drwxr-x---+ - hdfs supergroup 0 2015-04-11 18:19 /sale/dir1

The above scenario(default acl) is working fine on linux box. Is there any way to enable same on hadoop/hdfs ? We are using Cloudera Hadoop 5.2, Is there any configuration parameter we are missing to do this in Hadoop ?

Answer 1

Have u set this configuration parameter: dfs.namenode.acls.enabled = true