[
https://issues.apache.org/jira/browse/HBASE-19402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16368786#comment-16368786
]
Appy commented on HBASE-19402:
------------------------------
Should we make all of these require ADMIN?
These are critical functions for a cluster to startup(?) so am trying to
understand how will it work?
If master starts as user 'hbase', does that user automatically gets certain
privileges?
If not, how will a cluster boot-up? No RSs will be able to call
regionServerStartup(), which means ACL table can't be served, which means no
permissions can be granted for to user starting RSs. chicken and egg problem.
If yes, that puts a restriction that all hbase services have to be started by
same user. I don't see a problem in that restriction, but then i have very
limited ops experience.
[~stack] [~Apache9] any ideas?
> Add missing security hooks for RegionServerStatusService RPCs
> -------------------------------------------------------------
>
> Key: HBASE-19402
> URL: https://issues.apache.org/jira/browse/HBASE-19402
> Project: HBase
> Issue Type: Sub-task
> Affects Versions: 2.0.0-beta-1
> Reporter: Balazs Meszaros
> Priority: Major
>
> The following RPC methods do not call the observers, therefore they are not
> guarded by AccessController:
> - regionServerStartup
> - regionServerReport
> - reportRSFatalError
> - reportRegionStateTransition
> - reportRegionSpaceUse
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
