[jira] [Commented] (HBASE-20185) Fix ACL check for MasterRpcServices#execProcedure

Hudson (JIRA) Tue, 27 Mar 2018 19:51:37 -0700

    [ 
https://issues.apache.org/jira/browse/HBASE-20185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16416661#comment-16416661
 ]


Hudson commented on HBASE-20185:
--------------------------------

Results for branch HBASE-19064
        [build #77 on 
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/HBASE-19064/77/]: 
(x) *{color:red}-1 overall{color}*
----
details (if available):

(x) {color:red}-1 general checks{color}
-- For more information [see general 
report|https://builds.apache.org/job/HBase%20Nightly/job/HBASE-19064/77//General_Nightly_Build_Report/]




(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2) 
report|https://builds.apache.org/job/HBase%20Nightly/job/HBASE-19064/77//JDK8_Nightly_Build_Report_(Hadoop2)/]


(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://builds.apache.org/job/HBase%20Nightly/job/HBASE-19064/77//JDK8_Nightly_Build_Report_(Hadoop3)/]


(/) {color:green}+1 source release artifact{color}
-- See build output for details.


> Fix ACL check for MasterRpcServices#execProcedure
> -------------------------------------------------
>
>                 Key: HBASE-20185
>                 URL: https://issues.apache.org/jira/browse/HBASE-20185
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Appy
>            Assignee: Appy
>            Priority: Major
>             Fix For: 2.0.0
>
>         Attachments: HBASE-20185.master.001.patch
>
>
> Mailing thread ref: 
> [http://mail-archives.apache.org/mod_mbox/hbase-dev/201803.mbox/%3CCAAjhxrriGy_UXpC4iHCSyBB18iAbjU3Y2%2BnjQ-66i9kPPCrPRQ%40mail.gmail.com%3E]
> TLDR; HBASE-19400 messed up perms required for flushing a table.
> ----
> Looks like flush and snapshot procedures are already doing permissions check 
> as part of preTableFlush/preSnapshot hooks. However, 
> LogRollMasterProcedureManager is missing access checks ([~elserj], can 
> someone look at it?)
>  
> With that, it makes no sense to put an ADMIN perm requirement which was added 
> by me in HBASE-19400. Removing it.
> However, to make things better for future, i have made few design changes 
> which will ensure 1) perm checks don't slip by mistake, 2) a suitable 
> placeholder for checks for flush & snapshot when we remove AccessController 
> for good.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (HBASE-20185) Fix ACL check for MasterRpcServices#execProcedure

Reply via email to