Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-2584

when setquota for a znode and set ip/user ACL on /zookeeper/quota, still able to delete the quota from client with another ip though it says "Authentication is not valid"

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.5.1
    • None
    • server
    • None

    Description

      when setquota for a znode and set ip/user ACL on /zookeeper/quota, still able to delete the quota from client with another ip though it says "Authentication is not valid"

      >> Set quota and ip ACL from one client (with IP 10.18.101.80)
      [zk: 10.18.101.80:2181(CONNECTED) 9] setquota -n 10 /test
      [zk: 10.18.101.80:2181(CONNECTED) 10] setAcl /zookeeper/quota ip:10.18.101.80:crdwa
      [zk: 10.18.101.80:2181(CONNECTED) 11]

      >> Try to delete the set quota using different client(with ip 10.18.219.50)
      [zk: 10.18.219.50:2181(CONNECTED) 22] listquota /test
      absolute path is /zookeeper/quota/test/zookeeper_limits
      Output quota for /test count=10,bytes=-1
      Output stat for /test count=1,bytes=5
      [zk: 10.18.219.50:2181(CONNECTED) 23] delquota /test
      Authentication is not valid : /zookeeper/quota/test
      [zk: 10.18.219.50:2181(CONNECTED) 24] listquota /test
      absolute path is /zookeeper/quota/test/zookeeper_limits
      quota for /test does not exist.

      >> Here quota has been deleted though it is saying "Authentication is not valid.." which is not correct.
      Now try to set the quota from another ip itself, it fails which is as expected

      [zk: 10.18.219.50:2181(CONNECTED) 25] setquota -n 10 /test
      Authentication is not valid : /zookeeper/quota/test
      [zk: 10.18.219.50:2181(CONNECTED) 26] listquota /test
      absolute path is /zookeeper/quota/test/zookeeper_limits
      quota for /test does not exist.

      >> Sameway when we set user ACL...
      [zk: 10.18.101.80:2181(CONNECTED) 26] addauth digest user:pass
      [zk: 10.18.101.80:2181(CONNECTED) 27] create /test hello
      Node already exists: /test
      [zk: 10.18.101.80:2181(CONNECTED) 28] delete /test
      [zk: 10.18.101.80:2181(CONNECTED) 29] create /test hello
      Created /test
      [zk: 10.18.101.80:2181(CONNECTED) 30]
      [zk: 10.18.101.80:2181(CONNECTED) 30] setquota -n 10 /test
      [zk: 10.18.101.80:2181(CONNECTED) 31] setAcl /zookeeper/quota auth:user:pass:crdwa
      [zk: 10.18.101.80:2181(CONNECTED) 32]

      [zk: 10.18.219.50:2181(CONNECTED) 27] listquota /test
      absolute path is /zookeeper/quota/test/zookeeper_limits
      Output quota for /test count=10,bytes=-1
      Output stat for /test count=1,bytes=5
      [zk: 10.18.219.50:2181(CONNECTED) 28] delquota /test
      Authentication is not valid : /zookeeper/quota/test
      [zk: 10.18.219.50:2181(CONNECTED) 29] listquota /test
      absolute path is /zookeeper/quota/test/zookeeper_limits
      quota for /test does not exist.
      [zk: 10.18.219.50:2181(CONNECTED) 30]

      Attachments

        Activity

          People

            rakeshsingh Rakesh Kumar Singh
            rakeshsingh Rakesh Kumar Singh
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: