There are shell commands available for managing ACLs: grant, revoke, and
user_permission. Use these.
- Andy
On Monday, June 4, 2012, Anoop Sam John wrote:
> Hi
>
> >it's sort of funny that I can still access the -ROOT- & .META. tables
> >without permissions. Do you think this is a bug? or am I doing something
> >wrong?
> No. The catalog tables are given with read permission for every one as
> the client scans these tables in Put/Scan cases for other tables.
>
> You can use grant() and remove() functions provided in AccessController
> for controlling the users and admins etc.
>
> -Anoop-
> ________________________________________
> From: Ben Kim [[email protected] <javascript:;>]
> Sent: Monday, June 04, 2012 11:53 AM
> To: [email protected] <javascript:;>
> Subject: accessing _acl_ from hbase client
>
> Is there any way a client can access the _acl_ table?
> I want an administrator to be able to control the user access to all
> tables.
> In order to do this I'll need to access the _acl_ table from the HBase
> client.
> I'm thinking of something like Mysql user table which has all access
> permissions to tables.
>
> I already tried giving _acl_ access permission to the Admin user, (grant
> 'Admin', 'RW', '_acl_')
> but scanning through the _acl_ table with Admin user wasn't allowed.
>
> it's sort of funny that I can still access the -ROOT- & .META. tables
> without permissions. Do you think this is a bug? or am I doing something
> wrong?
>
> Thank you in advance.
> --
>
> *Benjamin Kim*
> *benkimkimben at gmail*
>
--
Best regards,
- Andy
Problems worthy of attack prove their worth by hitting back. - Piet Hein
(via Tom White)
