hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matteo Bertozzi (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-11013) HBase Clone Snapshots on Secure Cluster Should Retain User Permissions
Date Thu, 17 Apr 2014 03:48:15 GMT

    [ https://issues.apache.org/jira/browse/HBASE-11013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13972271#comment-13972271
] 

Matteo Bertozzi commented on HBASE-11013:
-----------------------------------------

I can see two cases, one where restoring ACLs make sense and the other not
* Snapshot used as "time machine": and I need to get back to the exact same configuration/data/...
and here is fine restoring ACLs.
* Snapshot used as backup: I restore the table and I've the "five months old user access"
people that maybe have joined another teams or doesn't exists anymore and shouldn't have access,
and the new guys doesn't have the access (need manual work to get back to the state before
restore, that is not really recoverable unless some tricks looking at the snapshot taken before
the restore) 



> HBase Clone Snapshots on Secure Cluster Should Retain User Permissions
> ----------------------------------------------------------------------
>
>                 Key: HBASE-11013
>                 URL: https://issues.apache.org/jira/browse/HBASE-11013
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Ted Yu
>
> Currently,
> {code}
> sudo su - test_user
> create 't1', 'f1'
> sudo su - hbase
> snapshot 't1', 'snap_one'
> clone_snapshot 'snap_one', 't2'
> {code}
> In this scenario the user - test_user would not have permissions for the clone table
t2. We need to add improvement feature such that test_user has same permissions on t2 that
it used to have for t1.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message