zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Megha Sharma <megha.hitesh.ka...@gmail.com>
Subject Re: Setting acls in Zookeeper
Date Wed, 08 Feb 2017 18:52:53 GMT
Thanks Jordan
That was my understanding as well, wanted to make sure that setting acls
doesn't need zkServer restart. The way I am setting the acls could be
faulty then, I am trying to set the acl ZOO_AUTH_IDS and
ZOO_READ_ACL_UNSAFE using zkCli. According to zookeeper doc, ZOO_AUTH_IDS
translates to (‘auth’,’’) and empty identity string should be interpreted
as “the identity of the creator”. I have tried both empty identity string
(2) and with credentials (1) with zkCli and I am not sure which is the
correct way of achieving ZOO_AUTH_IDS.


1) addauth digest user:pwd
    setAcl /mesos world:anyone:r,auth::crdwa

2) addauth digest user:pwd
    setAcl /mesos world:anyone:r,auth:user:pwd:cdrwa

Thanks
Megha


On Wed, Feb 8, 2017 at 7:27 AM, Jordan Zimmerman <jordan@jordanzimmerman.com
> wrote:

> > I have been trying to set acls with zkCli and it seems like the acls
> don’t
> > take effect until all the zkServers are restarted. Do the acls need
> > zkServer restart?
>
> No. ACL changes take effect immediately. It's a ZNode modification like
> any other. Do you have an example of the problem?
>
> -Jordan

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message