Support Questions

slm · ‎07-21-2016

We recently started implementing HBase namespaces + ACLs and have run into an issue. According to the docs: http://hbase.apache.org/0.94/book/ops.snapshots.html:

14.8.7. Snapshots operations and ACLs

If you are using security with the AccessController Coprocessor (See Section 8.2, “Access Control”), only a global administrator can take, clone, or restore a snapshot, and these actions do not capture the ACL rights. This means that restoring a table preserves the ACL rights of the existing table, while cloning a table creates a new table that has no ACL rights until the administrator adds them.

Our application requires the ability to take a snapshot of a specific table, clone it, and then

Questions

Why does the snapshot mechanism require this high level access to function?
Is this something that will change over time or is this the design and it's being done this way for a specific purpose?

tyu · ‎07-21-2016

ACLs were not part of the core hbase (implemented through coprocessor). We were adding to a core functionality knowledge about an external component (ACL).

There was the discussion about the meaning of restoring the acls that we snapshotted (see HBASE-11013).

Please consult with the following for up-to-date ACL:

http://hbase.apache.org/book.html#appendix_acl_matrix

We cannot allow any user to restore any snapshot otherwise you'll be able to see data that is not yours.

There is no ACL on snapshot to say "allow this user to restore/clone" the snapshot.

View solution in original post

tyu · ‎07-21-2016