[ https://issues.apache.org/jira/browse/ACCUMULO-2806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13997850#comment-13997850 ]
Christopher Tubbs commented on ACCUMULO-2806:
---------------------------------------------

Clients do not need access to /accumulo/instance_id. They should not be using that. They should be specifying their instance with the ZooKeeperInstance with an instanceName. Some client commands (notably, the shell) will default to trying to read HDFS for the instance_id if no ZK options are specified. I think that's fine to fail if they aren't running as the same user as the accumulo services. We should just lock down the parent directory.

As an aside, do you know what the expected behavior is if the specified volume(s) already exist/don't exist in HDFS when you execute init? This ticket seems to imply the pre-1.6 behavior with only a single HDFS path. How does the new multiple volumes configuration change this ticket (if at all)?

> Accumulo init should ensure wals and tables are not world readable
> ------------------------------------------------------------------
>
>                 Key: ACCUMULO-2806
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2806
>             Project: Accumulo
>          Issue Type: Bug
>    Affects Versions: 1.6.0
>            Reporter: Sean Busbey
>            Priority: Critical
>             Fix For: 1.6.1, 1.7.0
>
>
> Just did an init on a new 1.6.1-SNAP cluster, and noticed the following
> permissions:
> {noformat}
> dfs -ls /
> Found 4 items
> drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:48 /accumulo
> drwxr-xr-x - hdfs supergroup 0 2014-05-14 08:10 /jobtracker
> drwxrwxrwx - hdfs supergroup 0 2014-05-14 08:10 /tmp
> drwxr-xr-x - hdfs supergroup 0 2014-05-14 09:48 /user
> -bash-4.1$ hdfs dfs -ls /accumulo
> Found 3 items
> drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/instance_id
> drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/tables
> drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/version
> {noformat}
> I previously set up /accumulo as 755, under the understanding that clients
> need access to /accumulo/instance_id
> things to fix
> # make init chmod tables and wals to 700, as a defensive measure to avoid
> data leaks
> # maybe also make sure if the trash is enabled that our user directory is
> also not world readable
> # If clients don't need access to instance_id, include a check that the data
> dir is not world readable
> Workaround: manually change permissions after init

--
This message was sent by Atlassian JIRA
(v6.2#6252)
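
The "data dir is not world readable" check from the ticket's list, as an added example that is not part of the ticket or of Accumulo's code: it parses `hdfs dfs -ls` output and flags entries that grant any permission to "other". The helper names `world_accessible` and `assert_private` are hypothetical, and the sample listing is constructed from the output quoted in the ticket.

```sh
#!/bin/sh
# Constructed sample: the `hdfs dfs -ls /accumulo` listing quoted in the ticket.
SAMPLE_LISTING='Found 3 items
drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/instance_id
drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/tables
drwxr-xr-x - accumulo supergroup 0 2014-05-14 09:55 /accumulo/version'

# world_accessible (hypothetical helper): reads `hdfs dfs -ls` output on stdin
# and prints "<other-bits> <path>" for each entry that grants anything to "other".
world_accessible() {
  awk '
    # Entries begin with a mode string such as drwxr-xr-x (a trailing "+" is
    # tolerated); "Found N items" headers and shell prompts are skipped.
    NF >= 8 && length($1) >= 10 && $1 ~ /^[-dl][-rwxsStT]+[+.]?$/ {
      other = substr($1, 8, 3)
      path = $8
      for (i = 9; i <= NF; i++) path = path " " $i   # paths containing spaces
      if (other != "---") print other, path
    }'
}

# assert_private (hypothetical helper): exit status 1 if any path named as an
# argument is world-accessible in the listing on stdin, 0 otherwise.
assert_private() (
  flagged=$(world_accessible | cut -d" " -f2-)
  rc=0
  for p in "$@"; do
    if printf '%s\n' "$flagged" | grep -Fxq -- "$p"; then
      echo "world-accessible: $p" >&2
      rc=1
    fi
  done
  exit "$rc"
)

# Offline demonstration on the sample; against a live cluster the input would be
#   hdfs dfs -ls /accumulo | assert_private /accumulo/tables
printf '%s\n' "$SAMPLE_LISTING" | world_accessible
```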