[
https://issues.apache.org/jira/browse/FLINK-21640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17310353#comment-17310353
]
Xintong Song commented on FLINK-21640:
--------------------------------------
[~Bo Cui], [~fly_in_gis],
Obviously, different companies maintain ZooKeeper differently. I think
users/companies can choose whichever approach they want, and Flink should not
make assumptions on how ZK is maintained. In that sense, creating the root
ZNode with global access only to fit with some specific ways of maintaining ZK
does not sounds fair to me.
Leaving aside how ZK is maintained, I think it is a common convention for
access control, that by default new contents should be created with as strict
access as possible. E.g., by default new files/directories can only be modified
by the creating user on most of the Linux/Unix systems.
> Job fails to be submitted in tenant scenario
> --------------------------------------------
>
> Key: FLINK-21640
> URL: https://issues.apache.org/jira/browse/FLINK-21640
> Project: Flink
> Issue Type: Bug
> Components: API / Core, Client / Job Submission
> Affects Versions: 1.12.2, 1.13.0
> Reporter: Bo Cui
> Assignee: Bo Cui
> Priority: Major
> Labels: pull-request-available
> Attachments: image-2021-03-06-09-30-52-410.png,
> image-2021-03-06-09-34-05-518.png
>
>
> Job fails to be submitted in tenant scenario
> !image-2021-03-06-09-30-52-410.png!
> because current user does not have the Znode permission.
> !image-2021-03-06-09-34-05-518.png!
> i think the parent znode acl is anyone.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
