________________________________
From: joe smith <[email protected]>
Sent: Tuesday, May 2, 2017 8:40 AM
To: [email protected]
Subject: Acl block detete not working
Hi,
I'm using 3.4.10 and setting custom aol to block deletion of a znode. However,
I'm able to delete the node even after I've set acl from cdrwa to crwa.
Can anyone point out if I missed some step.
Thanks for the help
Here is the trace:
[zk: localhost:2181(CONNECTED) 0] ls /
[zookeeper]
[zk: localhost:2181(CONNECTED) 1] create /test "data"Created /test
[zk: localhost:2181(CONNECTED) 2] ls /[zookeeper, test]
[zk: localhost:2181(CONNECTED) 3] addauth myfqdn localhost
[zk: localhost:2181(CONNECTED) 4] setAcl /test myfqdn:localhost:cracZxid = 0x2
ctime = Tue May 02 08:28:42 EDT 2017
mZxid = 0x2
mtime = Tue May 02 08:28:42 EDT 2017
pZxid = 0x2
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
MG>in SetAclCommand you can see the acl being parsed and acl being set by
setAcl into zk object
List<ACL> acl = AclParser.parse(aclStr);
int version;
if (cl.hasOption("v")) {
version = Integer.parseInt(cl.getOptionValue("v"));
} else {
version = -1;
}
try {
Stat stat = zk.setACL(path, acl, version);
MG>later on in DeleteCommand there is no check for aforementioned acl parameter
public boolean exec() throws KeeperException, InterruptedException {
String path = args[1];
int version;
if (cl.hasOption("v")) {
version = Integer.parseInt(cl.getOptionValue("v"));
} else {
version = -1;
}
try {
zk.delete(path, version);
} catch(KeeperException.BadVersionException ex) {
err.println(ex.getMessage());
}
return false;
MG>as seen here the testCase works properly saving the Zookeeper object
LsCommand entity = new LsCommand();
entity.setZk(zk);
MG>but setACL does not save the zookeeper object anywhere but instead seems to
discard zookeeper object with accompanying ACLs
MG>can you report this bug to Zookeeper?
https://issues.apache.org/jira/browse/ZOOKEEPER/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel
ZooKeeper - ASF JIRA -
issues.apache.org<https://issues.apache.org/jira/browse/ZOOKEEPER/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel>
issues.apache.org
Apache ZooKeeper is a service for coordinating processes of distributed
applications. Versions: Unreleased. Name Release date; Unreleased 3.2.3 :
Unreleased 3.3.7
MG>Thanks Joe!
[zk: localhost:2181(CONNECTED) 5] getAcl /test'myfqdn,'localhost
: cra
[zk: localhost:2181(CONNECTED) 6] get /testdata
cZxid = 0x2
ctime = Tue May 02 08:28:42 EDT 2017
mZxid = 0x2
mtime = Tue May 02 08:28:42 EDT 2017
pZxid = 0x2
cversion = 0
dataVersion = 0
aclVersion = 1
ephemeralOwner = 0x0
dataLength = 4
numChildren = 0
[zk: localhost:2181(CONNECTED) 7] set /test "testwrite"Authentication is not
valid : /test
[zk: localhost:2181(CONNECTED) 8] delete /test
[zk: localhost:2181(CONNECTED) 9] ls /[zookeeper]
[zk: localhost:2181(CONNECTED) 10]
The auth provider imple is here:
http://s000.tinyupload.com/?file_id=42827186839577179157
TinyUpload.com - best file hosting solution, with no limits, totaly
free<http://s000.tinyupload.com/?file_id=42827186839577179157>
s000.tinyupload.com
TinyUpload.com - solution for tiny file hosting. No download limits, no upload
limit. Totaly free.
| |
