You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Gregory Chanan (JIRA)" <ji...@apache.org> on 2015/05/15 03:40:59 UTC

[jira] [Commented] (HADOOP-11973) Some ZkDelegationTokenSecretManager znodes do not have ACLs

    [ https://issues.apache.org/jira/browse/HADOOP-11973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14544752#comment-14544752 ] 

Gregory Chanan commented on HADOOP-11973:
-----------------------------------------

any ideas [~asuresh]?

> Some ZkDelegationTokenSecretManager znodes do not have ACLs
> -----------------------------------------------------------
>
>                 Key: HADOOP-11973
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11973
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.6.0
>            Reporter: Gregory Chanan
>
> I recently added an ACL Provider to the curator framework instance I pass to the ZkDelegationTokenSecretManager, and notice some strangeness around ACLs.
> I set: "zk-dt-secret-manager.znodeWorkingPath" to:
> "solr/zkdtsm"
> and notice that
> /solr/zkdtsm/
> /solr/zkdtsm/ZKDTSMRoot
> do not have ACLs
> but all the znodes under /solr/zkdtsm/ZKDTSMRoot have ACLs.  From adding some logging, it looks like the ACLProvider is never called for /solr/zkdtsm and /solr/zkdtsm/ZKDTSMRoot.  I don't know if that's a Curator or ZkDelegationTokenSecretManager issue.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)