[
https://issues.apache.org/jira/browse/HBASE-11013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16007604#comment-16007604
]
Zheng Hu commented on HBASE-11013:
----------------------------------
bq. Can we be careful and make sure we do not break an hbase-2.0.0 being able
to read old hbase-1.x manifests?
[~stack], Yes, we can read old hbase-1.x manifests. In
HBASE-11013.master.addendum.patch, I moved SnapshotDescription PB into
Snapshot.proto and add an optional UsersAndPermissions field , which is
imported from AccessControl.proto under hbase-protocol-shaded. PB moving is
OK for compatibility
. For AccessControl.proto under hbase-protocol-shaded, we only use it for
serializing/deserializing user's permission in .snapshotinfo, and CPEP still
use AccessControl.proto under hbase-protocol. So old CPEPs will work fine.
> Clone Snapshots on Secure Cluster Should provide option to apply Retained
> User Permissions
> ------------------------------------------------------------------------------------------
>
> Key: HBASE-11013
> URL: https://issues.apache.org/jira/browse/HBASE-11013
> Project: HBase
> Issue Type: Improvement
> Components: snapshots
> Reporter: Ted Yu
> Assignee: Zheng Hu
> Fix For: 2.0.0
>
> Attachments: HBASE-11013.master.addendum.patch, HBASE-11013.v1.patch,
> HBASE-11013.v2.patch
>
>
> Currently,
> {code}
> sudo su - test_user
> create 't1', 'f1'
> sudo su - hbase
> snapshot 't1', 'snap_one'
> clone_snapshot 'snap_one', 't2'
> {code}
> In this scenario the user - test_user would not have permissions for the
> clone table t2.
> We need to add improvement feature such that the permissions of the original
> table are recorded in snapshot metadata and an option is provided for
> applying them to the new table as part of the clone process.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
