hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jerry He (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-12644) Visibility Labels: issue with storing super users in labels table
Date Thu, 11 Dec 2014 07:03:12 GMT

    [ https://issues.apache.org/jira/browse/HBASE-12644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14242242#comment-14242242
] 

Jerry He commented on HBASE-12644:
----------------------------------

The race condition seems to be here:

In ZKVisibilityLabelWatcher.writeToZookeeper() 
{code}
      ZKUtil.createWithParents(watcher, znode);
      ZKUtil.updateExistingNodeData(watcher, znode, data, -1);
{code}

Note that these are two separate calls. If the node does not exist (for example, user_auths
node is getting created for the first time),
the two calls will trigger two events: nodeCreated, and nodeDataChanged.

On the receiving side, 
{code}
  public void nodeCreated(String path) {
    if (path.equals(labelZnode) || path.equals(userAuthsZnode)) {
      try {
        ZKUtil.watchAndCheckExists(watcher, path);
      } catch (KeeperException ke) {
        LOG.error("Error setting watcher on node " + path, ke);
        // only option is to abort
        watcher.abort("Zookeeper error obtaining label node children", ke);
      }
    }
{code}
If the nodeDataChanged event come in before the ZKUtil.watchAndCheckExists() when the first
event is still being processed, then the second event is lost by this receiver.
I am seeing even after the setAuths() is done, the scan still lacks the auth.

It did not happen before in the tests is because we create the 'user_auths' node when adding
the system and super user auths. Now with this patch, the creation of the node is postponed.



> Visibility Labels: issue with storing super users in labels table
> -----------------------------------------------------------------
>
>                 Key: HBASE-12644
>                 URL: https://issues.apache.org/jira/browse/HBASE-12644
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.98.8, 0.99.2
>            Reporter: Jerry He
>            Assignee: Jerry He
>             Fix For: 1.0.0, 0.98.10
>
>         Attachments: HBASE-12644-master-v2.patch, HBASE-12644-master.patch
>
>
> Super users have all the permissions for ACL and Visibility labels.
> They are defined in hbase-site.xml.
> Currently in VisibilityController, we persist super user with their system permission
in hbase:labels.
> This makes change in super user difficult.
> There are two issues:
> In the current DefaultVisibilityLabelServiceImpl.addSystemLabel, we only add super user
when we initially create the 'system' label.
> No additional update after that even if super user changed. See code for details.
>  
> Additionally, there is no mechanism to remove any super user from the labels table.
>  
> We probably should not persist super users in the labels table.
> They are in hbase-site.xml and can just stay in labelsCache and used from labelsCache
after retrieval by Visibility Controller.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message