Return-Path: 
 <notifications-return-8684-apmail-accumulo-notifications-archive=accumulo.apache.org@accumulo.apache.org>
X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 88D1610360
	for <apmail-accumulo-notifications-archive@minotaur.apache.org>;
 Thu, 18 Jul 2013 21:02:49 +0000 (UTC)
Received: (qmail 71315 invoked by uid 500); 18 Jul 2013 21:02:49 -0000
Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org
Received: (qmail 71285 invoked by uid 500); 18 Jul 2013 21:02:49 -0000
Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:notifications-help@accumulo.apache.org>
List-Unsubscribe: <mailto:notifications-unsubscribe@accumulo.apache.org>
List-Post: <mailto:notifications@accumulo.apache.org>
List-Id: <notifications.accumulo.apache.org>
Reply-To: jira@apache.org
Delivered-To: mailing list notifications@accumulo.apache.org
Received: (qmail 71162 invoked by uid 99); 18 Jul 2013 21:02:49 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Jul 2013 21:02:49 +0000
Date: Thu, 18 Jul 2013 21:02:49 +0000 (UTC)
From: "Christopher Tubbs (JIRA)" <jira@apache.org>
To: notifications@accumulo.apache.org
Message-ID: <JIRA.12658637.1374181306271.76249.1374181369155@arcas>
In-Reply-To: <JIRA.12658637.1374181306271@arcas>
References: <JIRA.12658637.1374181306271@arcas>
Subject: [jira] [Created] (ACCUMULO-1583) RPC from "system" user with wrong
 credentials will kill a tablet server
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Christopher Tubbs created ACCUMULO-1583:
-------------------------------------------

             Summary: RPC from "system" user with wrong credentials will kill a tablet server
                 Key: ACCUMULO-1583
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1583
             Project: Accumulo
          Issue Type: Bug
    Affects Versions: 1.5.0
            Reporter: Christopher Tubbs
            Assignee: Christopher Tubbs
            Priority: Critical
             Fix For: 1.6.0


I found this issue in the TabletServer code, where for certain operations (chop, compact, flush, flushTablet, getActiveCompations, getActiveScans, halt, loadTablet, and unloadTablet), the RPC user's permissions are checked (and they are expected to be the system user), and if they aren't correct, the TabletServer will simply voluntarily kill itself. This is a problem, because the TabletServer assumes it is the problem, instead of the incoming credentials.

The Master may rely on this behavior to force tablets to be unloaded if a TServer is bad. However, it should probably just try to delete the lock in zookeeper instead. After all, if it can delete the lock in zookeeper, it has the correct configuration, and it can be assumed that the TServer is the one that is wrong.

(see o.a.a.server.tabletserver.TabletServer.checkPermission())

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira