Christopher Tubbs created ACCUMULO-1583:
-------------------------------------------
Summary: RPC from "system" user with wrong credentials will kill a
tablet server
Key: ACCUMULO-1583
URL: https://issues.apache.org/jira/browse/ACCUMULO-1583
Project: Accumulo
Issue Type: Bug
Affects Versions: 1.5.0
Reporter: Christopher Tubbs
Assignee: Christopher Tubbs
Priority: Critical
Fix For: 1.6.0
I found this issue in the TabletServer code, where for certain operations
(chop, compact, flush, flushTablet, getActiveCompations, getActiveScans, halt,
loadTablet, and unloadTablet), the RPC user's permissions are checked (and they
are expected to be the system user), and if they aren't correct, the
TabletServer will simply voluntarily kill itself. This is a problem, because
the TabletServer assumes it is the problem, instead of the incoming credentials.
The Master may rely on this behavior to force tablets to be unloaded if a
TServer is bad. However, it should probably just try to delete the lock in
zookeeper instead. After all, if it can delete the lock in zookeeper, it has
the correct configuration, and it can be assumed that the TServer is the one
that is wrong.
(see o.a.a.server.tabletserver.TabletServer.checkPermission())
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
