>> The way this is set up it seems only a superuser enabled cluster can use the reconfig command.
You can also configure the ACL associated with the "/config" znode so your chosen users have permission to both read and write the config znode, after they are authenticated (using your favorite authentication scheme built in ZK, such as SASL). This way you don't have to operate under the credential of superuser. By default, in 3.5.3 beta the "/config" znode is read only, which effectively disables reconfig API except for superuser who does not subject to ACL check. On Tue, Oct 17, 2017 at 4:36 PM, Alexander Shraer <[email protected]> wrote: > Hi, > > Please look for "sc_reconfig_access_control" > Here: > https://github.com/apache/zookeeper/blob/master/docs/ > zookeeperReconfig.html > > Thanks, > Alex > > On Tue, Oct 17, 2017 at 3:18 AM, oo4load <[email protected]> wrote: > > > I have a 3.5.3 cluster where I am trying out the reconfig command. I am > > running with reconfigEnabled=true. > > When I try reconfig I run into an issue with ACL. > > > > [zk: localhost:2181(CONNECTED) 9] reconfig -remove 2 > > Authentication is not valid : > > > > The config node is protected: > > [zk: localhost:2181(CONNECTED) 6] getAcl /zookeeper/config > > 'world,'anyone > > : r > > > > > > The way this is set up it seems only a superuser enabled cluster can use > > the > > reconfig command. Is that true, or am I missing something ? The > > documentation never mentioned it. > > > > > > > > > > -- > > Sent from: http://zookeeper-user.578899.n2.nabble.com/ > > >
