[ https://issues.apache.org/jira/browse/HBASE-11013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16007604#comment-16007604 ]
Zheng Hu commented on HBASE-11013: ---------------------------------- bq. Can we be careful and make sure we do not break an hbase-2.0.0 being able to read old hbase-1.x manifests? [~stack], Yes, we can read old hbase-1.x manifests. In HBASE-11013.master.addendum.patch, I moved SnapshotDescription PB into Snapshot.proto and add an optional UsersAndPermissions field , which is imported from AccessControl.proto under hbase-protocol-shaded. PB moving is OK for compatibility . For AccessControl.proto under hbase-protocol-shaded, we only use it for serializing/deserializing user's permission in .snapshotinfo, and CPEP still use AccessControl.proto under hbase-protocol. So old CPEPs will work fine. > Clone Snapshots on Secure Cluster Should provide option to apply Retained > User Permissions > ------------------------------------------------------------------------------------------ > > Key: HBASE-11013 > URL: https://issues.apache.org/jira/browse/HBASE-11013 > Project: HBase > Issue Type: Improvement > Components: snapshots > Reporter: Ted Yu > Assignee: Zheng Hu > Fix For: 2.0.0 > > Attachments: HBASE-11013.master.addendum.patch, HBASE-11013.v1.patch, > HBASE-11013.v2.patch > > > Currently, > {code} > sudo su - test_user > create 't1', 'f1' > sudo su - hbase > snapshot 't1', 'snap_one' > clone_snapshot 'snap_one', 't2' > {code} > In this scenario the user - test_user would not have permissions for the > clone table t2. > We need to add improvement feature such that the permissions of the original > table are recorded in snapshot metadata and an option is provided for > applying them to the new table as part of the clone process. -- This message was sent by Atlassian JIRA (v6.3.15#6346)