[clue] impersonation

David L. Willson DLWillson at TheGeek.NU
Tue Apr 22 11:17:57 MDT 2014


Here's the problem which leads to my impersonation question: Hadoop's HDFS only does traditional unix permissions (No ACL's). We want some writers, some readers, and some no access.

We've decided that the best solution is to let user do the writing, group do the reading, and others get no access. Then, members of some group have the right to impersonate user to do writes.

Maybe there's a better way to do it?

--
David L. Willson
Teacher, Engineer, Evangelist
RHCE+Satellite CCAH Network+ A+ Linux+ LPIC-1 UbuntuCP NovellCLA
Mobile 720-333-LANS(5267)
http://sofree.us

This is a good time for a r3VOLution.

----- Original Message -----
> David L. Willson wrote:
> > How do you let one non-privileged user impersonate (become) another
> > non-privileged user?
> >
> > When *I* need to impersonate a user, I run: sudo su - some_user,
> > but I don't want the regular
> > users doing that. Or, do I?
> 
> What does it mean to be a user?  Seems like it means you want to
> identify someone to the system.
> You seem to be wanting that identity to be ambiguous.
> 
> So make one account that everyone uses.
> 
> Or make all the accounts use the same password.
> 
> I guess with virtualization you could come up with even stranger
> approaches.
> 
> Dave
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
> 


More information about the clue mailing list