Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-44

Master Detector uses the wrong ACL when auth is not required

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 0.9.0
    • 0.10.0
    • master
    • None

    Description

      Master detector uses the following ACL regardless of auth credentials:

      static ACL _EVERYONE_READ_CREATOR_ALL_ACL[] = {

      {ZOO_PERM_READ, ZOO_ANYONE_ID_UNSAFE}

      ,

      {ZOO_PERM_ALL, ZOO_AUTH_IDS}

      };

      But this ACL doesn't work with the (default) ZK server when there are no auth credentials provided.

      2 ways to fix this:

      1) Short term: Start the java ZK server with the flag "-Dzookeeper.skipACL=yes"

      2) Long term: Fix the detector code, to use a different ACL (ZOO_OPEN_ACL_UNSAFE) when no auth is provided. This is what the new replicated log does.

      Attachments

        1. 0002-Detector-ACL-fix.patch
          2 kB
          Vinod Kone

        Activity

          People

            vinodkone Vinod Kone
            vinodkone Vinod Kone
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: