[jira] [Commented] (HBASE-13283) Document the steps for rolling back the security on hbase.

Srikanth Srungarapu (JIRA) Fri, 20 Mar 2015 00:12:07 -0700

    [ 
https://issues.apache.org/jira/browse/HBASE-13283?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14370883#comment-14370883
 ]


Srikanth Srungarapu commented on HBASE-13283:
---------------------------------------------

[~apurtell] You might have used wrong jira number while making the commit. The 
commit(38286ec3a0d39f4a14777a81a99024bc8266c8d7) has the following changes 
{code}
+Groups can be granted visibility labels the same way as users. Groups are 
prefixed with an @ symbol. When checking visibility labels of a user, the 
server wi
+When the visibility labels are retrieved using API `VisibilityClient#getAuths` 
or Shell command `get_auths` for a user, we will return labels added specifica
+
 Visibility label access checking is performed by the VisibilityController 
coprocessor.
 You can use interface `VisibilityLabelService` to provide a custom 
implementation and/or control the way that visibility labels are stored with 
cells.
 See the source file 
_hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithCustomVisLabService.java_
        for one 
@@ -1171,12 +1174,16 @@ hbase> set_auths 'service', [ 'service' ]
 ----
 
 ----
-gbase> set_auths 'testuser', [ 'test' ]
+hbase> set_auths 'testuser', [ 'test' ]
 ----
 
 ----
 hbase> set_auths 'qa', [ 'test', 'developer' ]
 ----
+
+----
+hbase> set_auths '@qagroup', [ 'test' ]
+----
 ====
 +
 .Java API
@@ -1213,6 +1220,10 @@ hbase> clear_auths 'testuser', [ 'test' ]
 ----
 hbase> clear_auths 'qa', [ 'test', 'developer' ]
 ----
+
+----
+hbase> clear_auths '@qagroup', [ 'test', 'developer' ]
+----
 {code}

> Document the steps for rolling back the security on hbase.
> ----------------------------------------------------------
>
>                 Key: HBASE-13283
>                 URL: https://issues.apache.org/jira/browse/HBASE-13283
>             Project: HBase
>          Issue Type: Sub-task
>            Reporter: Srikanth Srungarapu
>             Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.12
>
>
> Would be great to document the steps the user should follow to rollback the 
> security. The following are 
>    * shutdown hbase
>    * run hbase clean up script with --cleanAcls introduced in HBASE-13162. 
>    * remove from the hbase-site.xml conf
> {code}
>         hbase.security.authentication
>         hbase.regionserver.kerberos.principal
>         hbase.regionserver.keytab.file
>         hbase.master.kerberos.principal
>         hbase.master.keytab.file
> {code}
> * Removing AccessController coprocessors from hbase-site.xml
> * Address "hbase.security.authorization" based on outcome of HBASE-13275.
> cc: [~misty]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (HBASE-13283) Document the steps for rolling back the security on hbase.

Reply via email to