[ https://issues.apache.org/jira/browse/HBASE-14425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15049015#comment-15049015 ]
Hudson commented on HBASE-14425: -------------------------------- SUCCESS: Integrated in HBase-0.98-matrix #271 (See [https://builds.apache.org/job/HBase-0.98-matrix/271/]) HBASE-14425 In Secure Zookeeper cluster superuser will not have (apurtell: rev 33ecfc3b59f96d691186517b1ab6d8cf548360a3) * hbase-client/src/test/java/org/apache/hadoop/hbase/zookeeper/TestZKUtil.java * hbase-client/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKUtil.java * hbase-client/src/main/java/org/apache/hadoop/hbase/zookeeper/ZooKeeperWatcher.java * hbase-it/src/test/java/org/apache/hadoop/hbase/test/IntegrationTestZKAndFSPermissions.java > In Secure Zookeeper cluster superuser will not have sufficient permission if > multiple values are configured in "hbase.superuser" > -------------------------------------------------------------------------------------------------------------------------------- > > Key: HBASE-14425 > URL: https://issues.apache.org/jira/browse/HBASE-14425 > Project: HBase > Issue Type: Bug > Reporter: Pankaj Kumar > Assignee: Pankaj Kumar > Fix For: 2.0.0, 1.2.0, 1.3.0, 0.98.17 > > Attachments: HBASE-14425-V2.patch, HBASE-14425-V2.patch, > HBASE-14425.patch > > > During master intialization we are setting ACLs for the znodes. > In ZKUtil.createACL(ZooKeeperWatcher zkw, String node, boolean > isSecureZooKeeper), > {code} > String superUser = zkw.getConfiguration().get("hbase.superuser"); > ArrayList<ACL> acls = new ArrayList<ACL>(); > // add permission to hbase supper user > if (superUser != null) { > acls.add(new ACL(Perms.ALL, new Id("auth", superUser))); > } > {code} > Here we are directly setting "hbase.superuser" value to Znode which will > cause an issue when multiple values are configured. In "hbase.superuser" > multiple superusers and supergroups can be configured separated by comma. We > need to iterate them and set ACL. -- This message was sent by Atlassian JIRA (v6.3.4#6332)