[jira] [Created] (HBASE-21995) Add a coprocessor to set HDFS ACL for hbase granted user

Yi Mei (JIRA) Tue, 05 Mar 2019 02:39:07 -0800

Yi Mei created HBASE-21995:
------------------------------

             Summary: Add a coprocessor to set HDFS ACL for hbase granted user
                 Key: HBASE-21995
                 URL: https://issues.apache.org/jira/browse/HBASE-21995
             Project: HBase
          Issue Type: Sub-task
            Reporter: Yi Mei



To make hbase granted user have the access to scan table snapshots, use HDFS 
ACLs to set user read permission over hfiles.
The basic implementation is:
1. For public directories such as 'data' and 'archive', set other users' 
permission to '--x' to make everyone have the permission to access the 
directory.
2. For namespace or table directories such as 'data/ns/table', 
'archive/ns/table' and '.hbase-snapshot/snapshotName', set user 'r-x' acl and 
default 'r-x' acl when following operations happen:
grant to namespace or table / revoke from namespace or table / snapshot table

 

For more details, please reference the design doc: 
https://docs.google.com/document/d/1D2iAdbrW5CcKc2SthJBXA1n2tTMTftuVaFtxbOWFuqM/edit#heading=h.uwo33s7kz427



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (HBASE-21995) Add a coprocessor to set HDFS ACL for hbase granted user

Reply via email to