accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Dailey <matthew.dail...@gmail.com>
Subject 1.6.0: Namespace.CREATE_TABLE not enforced?
Date Sat, 16 Aug 2014 00:35:27 GMT
>From a clean Accumulo 1.6.0 install, I created a new user, gave them
System.CREATE_TABLE, and created a new namespace, but did not give that
user any permissions to that namespace.  However, I was then able to create
a table under that namespace as the new user.

Is there some default openness for namespaces?  My use case is having a
user able to make sandbox tables within their own personal namespace.

Thanks,
Matt

P.S.  Command dump follows:

root@accumulo> createuser user
root@accumulo> grant -u user -s System.CREATE_TABLE
root@accumulo> createnamespace foo
root@accumulo> user user

user@accumulo> createtable foo.bar
user@accumulo foo.bar> insert a b c d
user@accumulo foo.bar> scan
a b:c []    d
user@accumulo foo.bar> userpermissions
System permissions: System.CREATE_TABLE

Namespace permissions (accumulo): Namespace.READ

Table permissions (accumulo.metadata): Table.READ
Table permissions (accumulo.root): Table.READ
Table permissions (foo.bar): Table.READ, Table.WRITE, Table.BULK_IMPORT,
Table.ALTER_TABLE, Table.GRANT, Table.DROP_TABLE
user@accumulo foo.bar>

Mime
View raw message