You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by "Guangxu Cheng (Jira)" <ji...@apache.org> on 2020/02/26 11:11:00 UTC

[jira] [Created] (HBASE-23896) Snapshot owner cannot delete snapshot when ACL is enabled and Kerberos is not enabled

Guangxu Cheng created HBASE-23896:
-------------------------------------

             Summary: Snapshot owner cannot delete snapshot when ACL is enabled and Kerberos is not enabled
                 Key: HBASE-23896
                 URL: https://issues.apache.org/jira/browse/HBASE-23896
             Project: HBase
          Issue Type: Task
    Affects Versions: 2.2.3, 3.0.0
            Reporter: Guangxu Cheng
            Assignee: Guangxu Cheng


When ACL is enabled and Kerberos is not enabled, the snapshot owner cannot delete the snapshot. This is because the owner of the snapshot cannot be taken during permission verification. By investigation, found that only after HBase has enabled security authentication, the owner will be set when doing snapshot. 

SnapshotManager#takeSnapshotInternal
{code:title=SnapshotManager.java|borderStyle=solid}
RpcServer.getRequestUser().ifPresent(user -> {
  if (User.isHBaseSecurityEnabled(master.getConfiguration())) {
    builder.setOwner(user.getShortName());
  }
});
{code}


 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)