You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@zookeeper.apache.org by Michael Pratt <pr...@gmail.com> on 2015/03/04 18:35:28 UTC

Cannot delete node after setting ACL

I just recently started playing with ACLs and have managed to create a
ZNode that cannot be deleted or modified. Here is the sequence of events
using zkCli.sh:

[zk: host:2181(CONNECTED) 0] create /test2 ""
Created /test2
[zk: host:2181(CONNECTED) 1] getAcl /test2
'world,'anyone
: cdrwa
[zk: host:2181(CONNECTED) 2] setAcl /test2 digest:test:test:cdrwa
cZxid = 0x1a00b64ca2
ctime = Wed Mar 04 10:21:41 MST 2015
mZxid = 0x1a00b64ca2
mtime = Wed Mar 04 10:21:41 MST 2015
pZxid = 0x1a00b64ca2
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 2
numChildren = 0
[zk: dsearchpr001:2181(CONNECTED) 3] ls /test2
Authentication is not valid : /test2

Even after calling addauth, I am unable to modify or read the node:

[zk: dsearchpr001:2181(CONNECTED) 4] addauth digest test:test
[zk: dsearchpr001:2181(CONNECTED) 5] ls /test2
Authentication is not valid : /test2

I havent tried super digest yet because it's disabled and I dont want to
have to bounce our cluster just to delete a test node.

This is with ZK 3.4.6. Is this by design? It does work when I provide the
Base64 encoded password (generated using the provided digest tool), but it
seems like ZK should be a little more resilient to getting into this state.

Thanks,
Mike