You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Jerry He (JIRA)" <ji...@apache.org> on 2017/08/18 03:56:00 UTC

[jira] [Resolved] (HBASE-9417) SecureBulkLoadEndpoint should be folded in core

     [ https://issues.apache.org/jira/browse/HBASE-9417?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jerry He resolved HBASE-9417.
-----------------------------
       Resolution: Duplicate
    Fix Version/s:     (was: 2.0.0-alpha-3)

> SecureBulkLoadEndpoint should be folded in core
> -----------------------------------------------
>
>                 Key: HBASE-9417
>                 URL: https://issues.apache.org/jira/browse/HBASE-9417
>             Project: HBase
>          Issue Type: Bug
>          Components: regionserver, security
>            Reporter: Enis Soztutar
>            Priority: Critical
>
> In unsecure bulk loading, the client creates the files to be bulk loaded, and asks the regionservers to do the operation. Bulk loading is performed by a move, which would mean that the hbase user has to have WRITE permissions for the bulk loaded files. If the client who has generated the files is different than the hbase user, this creates an access denied exception if complete bulk load is not run as the hbase user.
> I think even for unsecure mode, we should mimic what SecureBulkLoadEndpoint does, where hbase creates a staging directory and the client hands off the files to that directory with global perms. 
> Update: Now that HBASE-12052 enables running SecureBulkLoadEndpoint even in unsecure deployments, we should consider bringing SecureBulkLoad into core HBase (meaning implement the functionality in RegionServer instead of in the coprocessor). 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)