Posted to reviews@kudu.apache.org by "Alexey Serbin (Code Review)" <ge...@cloudera.org> on 2021/05/25 21:06:05 UTC
[kudu-CR] WIP [txn manager] allow service user to call txn-related RPCs
Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: WIP [txn_manager] allow service user to call txn-related RPCs
......................................................................
WIP [txn_manager] allow service user to call txn-related RPCs
Since we are planning to use transactional operations in kudu CLI tools
(e.g., in 'kudu perf loadgen'), it makes sense to allow txn-related RPCs
to be invoked by a service user since kudu CLI tools are often run
under 'kudu' user's credentials. This patch changes the RPC-level
coarse authz settings for all methods in the TxnManagerService from
"AuthorizeClient" to "AuthorizeClientOrServiceUser".
WIP:
* collect initial feedback?
* add tests
Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
---
M src/kudu/master/txn_manager.proto
1 file changed, 5 insertions(+), 5 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/10/17510/1
--
To view, visit http://gerrit.cloudera.org:8080/17510
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Patch Set 3:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc
File src/kudu/master/txn_manager_service.cc:
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc@167
PS3, Line 167: AuthorizeClient
> nit: for consistency with the MasterService, let's call this AuthorizeClien
As I understand, renaming this into AuthorizeClientOrServiceUser would bring some inconsistency since AuthorizeClientOrServiceUser() assumes a service user is also granted a privilege, but here it's not the case.
Below is the code for AuthorizeClientOrServiceUser() from tserver:
  bool TabletServiceImpl::AuthorizeClientOrServiceUser(const google::protobuf::Message* /*req*/,
                                                       google::protobuf::Message* /*resp*/,
                                                       RpcContext* context) {
    return server_->Authorize(context, ServerBase::SUPER_USER | ServerBase::USER |
                              ServerBase::SERVICE_USER);
  }
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 18:38:25 +0000
Gerrit-HasComments: Yes
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Patch Set 3:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc
File src/kudu/master/txn_manager_service.cc:
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc@167
PS3, Line 167: AuthorizeClient
> Ah indeed, seems like AuthorizeClient is actually what the MasterService use
np, thanks a lot for the review!
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 19:32:11 +0000
Gerrit-HasComments: Yes
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Andrew Wong (Code Review)" <ge...@cloudera.org>.
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Patch Set 3: Code-Review+1
(1 comment)
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc
File src/kudu/master/txn_manager_service.cc:
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc@167
PS3, Line 167: AuthorizeClient
nit: for consistency with the MasterService, let's call this AuthorizeClientOrServiceUser?
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 17:54:41 +0000
Gerrit-HasComments: Yes
[kudu-CR] [txn manager] allow service user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow service user to call txn-related RPCs
......................................................................
Patch Set 2:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/17510/2//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/17510/2//COMMIT_MSG@11
PS2, Line 11: super user
I also had a version of this patch where a service user was able to call txn API as well, but it turned out that TabletServerService API isn't accessible to service users, e.g. TabletServerService::Write() is accessible only to regular and super users. With that, I don't quite see the necessity of allowing a service user to use txn API then.
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 16:57:48 +0000
Gerrit-HasComments: Yes
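The coarse-grained role check discussed in this thread, modelled as an added C++ example (not Kudu source): the role names come from the quoted ServerBase constants, while the bit values and the Authorize(), EffectiveRoles() and DeadGrants() helpers are assumptions made for illustration. It shows why a SERVICE_USER grant on the txn methods enables nothing when TabletServerService::Write() admits only regular and super users.

```cpp
#include <cstdint>
#include <initializer_list>
#include <iostream>

// Role bits named after the ServerBase constants quoted in the thread; the
// numeric values are assumptions made for this example.
enum Role : uint32_t {
  SUPER_USER   = 1u << 0,
  USER         = 1u << 1,
  SERVICE_USER = 1u << 2,
};

// Coarse-grained allow-lists as described in the review comments.
constexpr uint32_t kAuthorizeClient = SUPER_USER | USER;
constexpr uint32_t kAuthorizeClientOrServiceUser = SUPER_USER | USER | SERVICE_USER;

// Hypothetical stand-in for the RPC-level check: the call is allowed when the
// caller holds at least one role that the method's allow-list contains.
bool Authorize(uint32_t caller_roles, uint32_t allowed_roles) {
  return (caller_roles & allowed_roles) != 0;
}

// A workflow that chains several RPCs is usable only by roles that pass every
// hop, i.e. the intersection of the per-method allow-lists.
uint32_t EffectiveRoles(std::initializer_list<uint32_t> hops) {
  uint32_t mask = SUPER_USER | USER | SERVICE_USER;
  for (uint32_t allowed : hops) mask &= allowed;
  return mask;
}

// Roles granted on some hop that still cannot complete the whole workflow.
// A non-zero result flags a grant that widens exposure without enabling use.
uint32_t DeadGrants(std::initializer_list<uint32_t> hops) {
  uint32_t any = 0;
  for (uint32_t allowed : hops) any |= allowed;
  return any & ~EffectiveRoles(hops);
}

int main() {
  // Transactional write path: a TxnManagerService call followed by
  // TabletServerService::Write(), which admits regular and super users only.
  const uint32_t write_acl = kAuthorizeClient;
  // Earlier variant of the patch: txn methods also open to service users.
  uint32_t dead_earlier = DeadGrants({kAuthorizeClientOrServiceUser, write_acl});
  // Merged variant: txn methods open to USER | SUPER_USER.
  uint32_t dead_merged = DeadGrants({kAuthorizeClient, write_acl});
  std::cout << "earlier variant, unusable role bits: " << dead_earlier << "\n"
            << "merged variant, unusable role bits:  " << dead_merged << "\n";
  return 0;
}
```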
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
[txn_manager] allow a super user to call txn-related RPCs
Since we are planning to use transactional operations in kudu CLI tools
(e.g., in 'kudu perf loadgen'), it makes sense to allow txn-related RPCs
to be invoked by a super user as well since some kudu CLI tools are often
run under such credentials. This patch changes the RPC-level coarse authz
settings for all methods in the TxnManagerService accordingly.
I also had a version of this patch where a service user was able to call
txn API as well, but it turned out that TabletServerService API isn't
accessible to service users, e.g. TabletServerService::Write() is
accessible only to regular and super users. With that, I don't quite see
the necessity of allowing a service user to call txn API.
Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Reviewed-on: http://gerrit.cloudera.org:8080/17510
Tested-by: Alexey Serbin <as...@cloudera.com>
Reviewed-by: Andrew Wong <aw...@cloudera.com>
---
M src/kudu/integration-tests/security-itest.cc
M src/kudu/master/txn_manager_service.cc
2 files changed, 106 insertions(+), 17 deletions(-)
Approvals:
Alexey Serbin: Verified
Andrew Wong: Looks good to me, approved
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 4
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Andrew Wong (Code Review)" <ge...@cloudera.org>.
Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Patch Set 3: Code-Review+2
(1 comment)
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc
File src/kudu/master/txn_manager_service.cc:
http://gerrit.cloudera.org:8080/#/c/17510/3/src/kudu/master/txn_manager_service.cc@167
PS3, Line 167: AuthorizeClient
> As I understand, renaming this into AuthorizeClientOrServiceUser would brin
Ah indeed, seems like AuthorizeClient is actually what the MasterService uses for USER|SUPER_USER. Sorry for the noise.
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 18:41:59 +0000
Gerrit-HasComments: Yes
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/17510 )
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Patch Set 3: Verified+1
Unrelated test failure in
org.apache.kudu.client.TestSecurity.testExternallyProvidedSubjectRefreshedExternally
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Wed, 26 May 2021 18:41:07 +0000
Gerrit-HasComments: No
[kudu-CR] [txn manager] allow service user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Hello Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/17510
to look at the new patch set (#2).
Change subject: [txn_manager] allow service user to call txn-related RPCs
......................................................................
[txn_manager] allow service user to call txn-related RPCs
Since we are planning to use transactional operations in kudu CLI tools
(e.g., in 'kudu perf loadgen'), it makes sense to allow txn-related RPCs
to be invoked by a super user since kudu CLI tools are often run under
such credentials. This patch changes the RPC-level coarse authz
settings for all methods in the TxnManagerService accordingly.
"AuthorizeClient" to "AuthorizeClientOrServiceUser".
Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
---
M src/kudu/integration-tests/security-itest.cc
M src/kudu/master/txn_manager_service.cc
2 files changed, 106 insertions(+), 17 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/10/17510/2
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Hello Kudu Jenkins, Andrew Wong,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/17510
to look at the new patch set (#3).
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
[txn_manager] allow a super user to call txn-related RPCs
Since we are planning to use transactional operations in kudu CLI tools
(e.g., in 'kudu perf loadgen'), it makes sense to allow txn-related RPCs
to be invoked by a super user as well since some kudu CLI tools are often
run under such credentials. This patch changes the RPC-level coarse authz
settings for all methods in the TxnManagerService accordingly.
I also had a version of this patch where a service user was able to call
txn API as well, but it turned out that TabletServerService API isn't
accessible to service users, e.g. TabletServerService::Write() is
accessible only to regular and super users. With that, I don't quite see
the necessity of allowing a service user to call txn API.
Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
---
M src/kudu/integration-tests/security-itest.cc
M src/kudu/master/txn_manager_service.cc
2 files changed, 106 insertions(+), 17 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/10/17510/3
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)
[kudu-CR] [txn manager] allow a super user to call txn-related RPCs
Posted by "Alexey Serbin (Code Review)" <ge...@cloudera.org>.
Alexey Serbin has removed a vote on this change.
Change subject: [txn_manager] allow a super user to call txn-related RPCs
......................................................................
Removed Verified-1 by Kudu Jenkins (120)
--
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: deleteVote
Gerrit-Change-Id: I21e4b29634fd01f0ced80b54373b1ce156e274ad
Gerrit-Change-Number: 17510
Gerrit-PatchSet: 3
Gerrit-Owner: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Alexey Serbin <as...@cloudera.com>
Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com>
Gerrit-Reviewer: Kudu Jenkins (120)