@Test
  public void testTerminateQueueCannotDeleteDirectory() throws IOException {
    String queueName = "queueCannotDelete";
    File queueDir = new File("target", queueName);
    ReportExporter exporter = mock(ReportExporter.class);
    BatchProcessorConfig config = mock(BatchProcessorConfig.class);
    when(config.getDataDirectory()).thenReturn("target");
    when(config.getQueueSize()).thenReturn(5);
    FileUtil.deleteDirectory(queueDir);

    queueFactory = new QueueFactory(config, exporter);

    Set<PosixFilePermission> permissions = new HashSet<>();
    permissions.add(PosixFilePermission.OWNER_READ);

    queueFactory.create(queueName);
    assertTrue(queueDir.exists());
    Files.setPosixFilePermissions(queueDir.toPath(), permissions);

    try {
      queueFactory.terminate(queueName);
      fail("Expected IllegalStateException");
    } catch (IllegalStateException e) {
      assertTrue(true);
    }

    permissions = new HashSet<>();
    permissions.add(PosixFilePermission.OWNER_WRITE);
    permissions.add(PosixFilePermission.OWNER_READ);
    permissions.add(PosixFilePermission.OWNER_EXECUTE);
    Files.setPosixFilePermissions(queueDir.toPath(), permissions);
    FileUtil.deleteDirectory(queueDir);
  }
Exemple #2
0
  private synchronized void saveProperties(final Properties nifiProps, final Logger logger)
      throws IOException {
    final File statusFile = getStatusFile(logger);
    if (statusFile.exists() && !statusFile.delete()) {
      logger.warn("Failed to delete {}", statusFile);
    }

    if (!statusFile.createNewFile()) {
      throw new IOException("Failed to create file " + statusFile);
    }

    try {
      final Set<PosixFilePermission> perms = new HashSet<>();
      perms.add(PosixFilePermission.OWNER_READ);
      perms.add(PosixFilePermission.OWNER_WRITE);
      Files.setPosixFilePermissions(statusFile.toPath(), perms);
    } catch (final Exception e) {
      logger.warn(
          "Failed to set permissions so that only the owner can read status file {}; "
              + "this may allows others to have access to the key needed to communicate with NiFi. "
              + "Permissions should be changed so that only the owner can read this file",
          statusFile);
    }

    try (final FileOutputStream fos = new FileOutputStream(statusFile)) {
      nifiProps.store(fos, null);
      fos.getFD().sync();
    }

    logger.debug("Saved Properties {} to {}", new Object[] {nifiProps, statusFile});
  }
 @Override
 public void setBlobAccess(String container, String name, BlobAccess access) {
   Path path = new File(buildPathStartingFromBaseDir(container, name)).toPath();
   if (isWindows()) {
     try {
       if (access == BlobAccess.PRIVATE) {
         setPrivate(path);
       } else {
         setPublic(path);
       }
     } catch (IOException e) {
       throw new RuntimeException(e);
     }
   } else {
     Set<PosixFilePermission> permissions;
     try {
       permissions = getPosixFilePermissions(path);
       if (access == BlobAccess.PRIVATE) {
         permissions.remove(PosixFilePermission.OTHERS_READ);
       } else if (access == BlobAccess.PUBLIC_READ) {
         permissions.add(PosixFilePermission.OTHERS_READ);
       }
       setPosixFilePermissions(path, permissions);
     } catch (IOException ioe) {
       throw Throwables.propagate(ioe);
     }
   }
 }
 private void disableLogFileAccess() throws IOException {
   logFile.createNewFile();
   logFile.deleteOnExit();
   Path path = Paths.get(logFile.toURI());
   Set<PosixFilePermission> permissions = Collections.emptySet();
   try {
     Files.setPosixFilePermissions(path, permissions);
   } catch (UnsupportedOperationException e) {
     path.toFile().setReadOnly();
   }
 }
 private void createTmpFile(Path filePath, String content, String exceptionPrefix) {
   try (BufferedWriter out = Files.newBufferedWriter(filePath, Charset.defaultCharset())) {
     Set<PosixFilePermission> permissions = new HashSet<>();
     permissions.add(PosixFilePermission.OWNER_READ);
     permissions.add(PosixFilePermission.OWNER_WRITE);
     Files.setPosixFilePermissions(filePath, permissions);
     out.write(content);
   } catch (Exception e) {
     throw SyssvcException.syssvcExceptions.localRepoError(exceptionPrefix + e);
   }
 }
  // "randomize" the file attributes of the given file.
  static void randomizeAttributes(Path file) throws IOException {
    String os = System.getProperty("os.name");
    boolean isWindows = os.startsWith("Windows");
    boolean isUnix = os.equals("SunOS") || os.equals("Linux");
    boolean isDirectory = isDirectory(file, NOFOLLOW_LINKS);

    if (isUnix) {
      Set<PosixFilePermission> perms = getPosixFilePermissions(file, NOFOLLOW_LINKS);
      PosixFilePermission[] toChange = {
        PosixFilePermission.GROUP_READ,
        PosixFilePermission.GROUP_WRITE,
        PosixFilePermission.GROUP_EXECUTE,
        PosixFilePermission.OTHERS_READ,
        PosixFilePermission.OTHERS_WRITE,
        PosixFilePermission.OTHERS_EXECUTE
      };
      for (PosixFilePermission perm : toChange) {
        if (heads()) {
          perms.add(perm);
        } else {
          perms.remove(perm);
        }
      }
      setPosixFilePermissions(file, perms);
    }

    if (isWindows) {
      DosFileAttributeView view =
          getFileAttributeView(file, DosFileAttributeView.class, NOFOLLOW_LINKS);
      // only set or unset the hidden attribute
      view.setHidden(heads());
    }

    boolean addUserDefinedFileAttributes =
        heads() && getFileStore(file).supportsFileAttributeView("xattr");

    // remove this when copying a direcory copies its named streams
    if (isWindows && isDirectory) addUserDefinedFileAttributes = false;

    if (addUserDefinedFileAttributes) {
      UserDefinedFileAttributeView view =
          getFileAttributeView(file, UserDefinedFileAttributeView.class);
      int n = rand.nextInt(16);
      while (n > 0) {
        byte[] value = new byte[1 + rand.nextInt(100)];
        view.write("user." + Integer.toString(n), ByteBuffer.wrap(value));
        n--;
      }
    }
  }
  /**
   * Makes home folder and the configuration file readable and writable only to the owner.
   *
   * @param cs the <tt>ConfigurationService</tt> instance to check for home folder and configuration
   *     file.
   */
  private static void fixPermissions(ConfigurationService cs) {
    if (!OSUtils.IS_LINUX && !OSUtils.IS_MAC) return;

    try {
      // let's check config file and config folder
      File homeFolder = new File(cs.getScHomeDirLocation(), cs.getScHomeDirName());
      Set<PosixFilePermission> perms =
          new HashSet<PosixFilePermission>() {
            {
              add(PosixFilePermission.OWNER_READ);
              add(PosixFilePermission.OWNER_WRITE);
              add(PosixFilePermission.OWNER_EXECUTE);
            }
          };
      Files.setPosixFilePermissions(Paths.get(homeFolder.getAbsolutePath()), perms);

      String fileName = cs.getConfigurationFilename();
      if (fileName != null) {
        File cf = new File(homeFolder, fileName);
        if (cf.exists()) {
          perms =
              new HashSet<PosixFilePermission>() {
                {
                  add(PosixFilePermission.OWNER_READ);
                  add(PosixFilePermission.OWNER_WRITE);
                }
              };
          Files.setPosixFilePermissions(Paths.get(cf.getAbsolutePath()), perms);
        }
      }
    } catch (Throwable t) {
      logger.error("Error creating c lib instance for fixing file permissions", t);

      if (t instanceof InterruptedException) Thread.currentThread().interrupt();
      else if (t instanceof ThreadDeath) throw (ThreadDeath) t;
    }
  }
 public void write(String dir, InputStream inputStream, String fileName) {
   try {
     File file = new File(dir + "/" + fileName);
     file.deleteOnExit();
     FileOutputStream outputStream = new FileOutputStream(file);
     copy(inputStream, outputStream);
     closeQuietly(inputStream);
     closeQuietly(outputStream);
     Set<PosixFilePermission> perms = new HashSet<>();
     perms.add(OWNER_READ);
     perms.add(OWNER_WRITE);
     perms.add(OWNER_EXECUTE);
     setPosixFilePermissions(file.toPath(), perms);
   } catch (IOException e) {
     // TODO:: throw an appropriate exception
   }
 }
  @Override
  public OutputStream receiveUpload(String fileName, String mimeType) {

    FileOutputStream outStream = null;

    try {
      File file = keyService.addFile(username, keyNameField.getValue(), fileName);
      outStream = new FileOutputStream(file);
      /** SSH requires that key files only have read-write permissions for OWNER */
      Set<PosixFilePermission> permissions = new HashSet<PosixFilePermission>();
      permissions.add(PosixFilePermission.OWNER_READ);
      permissions.add(PosixFilePermission.OWNER_WRITE);
      Files.setPosixFilePermissions(file.toPath(), permissions);
    } catch (IOException e) {
      LOG.error("Error while setting key file permissions.", e);
    }

    return outStream;
  }
  public int execute(String[] args, @Nullable Path workingDir) throws IOException {
    if (!Files.isExecutable(file)) {
      Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>();
      perms.add(PosixFilePermission.OWNER_READ);
      perms.add(PosixFilePermission.OWNER_EXECUTE);
      Files.setPosixFilePermissions(file, perms);
    }

    ExecuteWatchdog watchdog = new ExecuteWatchdog(TIMEOUT);
    CommandLine cmd = new CommandLine(file.toFile());
    cmd.addArguments(args);
    DefaultExecutor exec = new DefaultExecutor();
    exec.setWatchdog(watchdog);
    exec.setStreamHandler(createStreamHandler());
    exec.setExitValues(null);
    if (workingDir != null) {
      exec.setWorkingDirectory(workingDir.toFile());
    }
    in.close();
    LOG.info("Executing: {}", cmd.toString());
    return exec.execute(cmd);
  }
  /*
   * Make file non-readable by modifying its permissions.
   * If file supports "posix" attributes, then modify it.
   * Otherwise check for "acl" attributes.
   */
  private static void makeFileNonReadable(String file) throws IOException {
    Path filePath = Paths.get(file);
    Set<String> supportedAttr = filePath.getFileSystem().supportedFileAttributeViews();

    if (supportedAttr.contains("posix")) {
      Files.setPosixFilePermissions(filePath, PosixFilePermissions.fromString("-w--w----"));
    } else if (supportedAttr.contains("acl")) {
      UserPrincipal fileOwner = Files.getOwner(filePath);

      AclFileAttributeView view = Files.getFileAttributeView(filePath, AclFileAttributeView.class);

      AclEntry entry =
          AclEntry.newBuilder()
              .setType(AclEntryType.DENY)
              .setPrincipal(fileOwner)
              .setPermissions(AclEntryPermission.READ_DATA)
              .build();

      List<AclEntry> acl = view.getAcl();
      acl.add(0, entry);
      view.setAcl(acl);
    }
  }
Exemple #12
0
  public void setAttrs(FileAttrs attrs) throws IOException {
    UserPrincipal posixOwner;
    GroupPrincipal posixGroup;
    Set<PosixFilePermission> posixPerms;
    UserPrincipalLookupService lookup;

    if (System.getProperty("os.name").startsWith("Windows")) {
      Files.setAttribute(this.path.toPath(), "dos:archive", attrs.getDosArchive());
      Files.setAttribute(this.path.toPath(), "dos:hidden", attrs.getDosHidden());
      Files.setAttribute(this.path.toPath(), "dos:readonly", attrs.getDosReadonly());
      Files.setAttribute(this.path.toPath(), "dos:system", attrs.getDosSystem());
    } else {
      lookup = this.path.toPath().getFileSystem().getUserPrincipalLookupService();

      posixOwner = lookup.lookupPrincipalByName(attrs.getPosixOwner());
      posixGroup = lookup.lookupPrincipalByGroupName(attrs.getPosixGroup());
      posixPerms = PosixFilePermissions.fromString(attrs.getPosixPermission());

      Files.setOwner(this.path.toPath(), posixOwner);
      Files.getFileAttributeView(this.path.toPath(), PosixFileAttributeView.class)
          .setGroup(posixGroup);
      Files.setPosixFilePermissions(this.path.toPath(), posixPerms);
    }
  }
Exemple #13
0
  protected void doExecute() throws Exception {
    startupRepositories = nonNullList(startupRepositories);
    bootRepositories = nonNullList(bootRepositories);
    installedRepositories = nonNullList(installedRepositories);
    startupBundles = nonNullList(startupBundles);
    bootBundles = nonNullList(bootBundles);
    installedBundles = nonNullList(installedBundles);
    blacklistedBundles = nonNullList(blacklistedBundles);
    startupFeatures = nonNullList(startupFeatures);
    bootFeatures = nonNullList(bootFeatures);
    installedFeatures = nonNullList(installedFeatures);
    blacklistedFeatures = nonNullList(blacklistedFeatures);
    startupProfiles = nonNullList(startupProfiles);
    bootProfiles = nonNullList(bootProfiles);
    installedProfiles = nonNullList(installedProfiles);
    blacklistedProfiles = nonNullList(blacklistedProfiles);

    if (!startupProfiles.isEmpty() || !bootProfiles.isEmpty() || !installedProfiles.isEmpty()) {
      if (profilesUri == null) {
        throw new IllegalArgumentException("profilesDirectory must be specified");
      }
    }

    if (featureRepositories != null && !featureRepositories.isEmpty()) {
      getLog()
          .warn(
              "Use of featureRepositories is deprecated, use startupRepositories, bootRepositories or installedRepositories instead");
      startupRepositories.addAll(featureRepositories);
      bootRepositories.addAll(featureRepositories);
      installedRepositories.addAll(featureRepositories);
    }

    StringBuilder remote = new StringBuilder();
    for (Object obj : project.getRemoteProjectRepositories()) {
      if (remote.length() > 0) {
        remote.append(",");
      }
      remote.append(invoke(obj, "getUrl"));
      remote.append("@id=").append(invoke(obj, "getId"));
      if (!((Boolean) invoke(getPolicy(obj, false), "isEnabled"))) {
        remote.append("@noreleases");
      }
      if ((Boolean) invoke(getPolicy(obj, true), "isEnabled")) {
        remote.append("@snapshots");
      }
    }
    getLog().info("Using repositories: " + remote.toString());

    Builder builder = Builder.newInstance();
    builder.offline(mavenSession.isOffline());
    builder.localRepository(localRepo.getBasedir());
    builder.mavenRepositories(remote.toString());
    builder.javase(javase);

    // Set up blacklisted items
    builder.blacklistBundles(blacklistedBundles);
    builder.blacklistFeatures(blacklistedFeatures);
    builder.blacklistProfiles(blacklistedProfiles);
    builder.blacklistPolicy(blacklistPolicy);

    if (propertyFileEdits != null) {
      File file = new File(propertyFileEdits);
      if (file.exists()) {
        KarafPropertyEdits edits;
        try (InputStream editsStream = new FileInputStream(propertyFileEdits)) {
          KarafPropertyInstructionsModelStaxReader kipmsr =
              new KarafPropertyInstructionsModelStaxReader();
          edits = kipmsr.read(editsStream, true);
        }
        builder.propertyEdits(edits);
      }
    }

    Map<String, String> urls = new HashMap<>();
    List<Artifact> artifacts = new ArrayList<>(project.getAttachedArtifacts());
    artifacts.add(project.getArtifact());
    for (Artifact artifact : artifacts) {
      if (artifact.getFile() != null && artifact.getFile().exists()) {
        String mvnUrl =
            "mvn:"
                + artifact.getGroupId()
                + "/"
                + artifact.getArtifactId()
                + "/"
                + artifact.getVersion();
        String type = artifact.getType();
        if ("bundle".equals(type)) {
          type = "jar";
        }
        if (!"jar".equals(type) || artifact.getClassifier() != null) {
          mvnUrl += "/" + type;
          if (artifact.getClassifier() != null) {
            mvnUrl += "/" + artifact.getClassifier();
          }
        }
        urls.put(mvnUrl, artifact.getFile().toURI().toString());
      }
    }
    if (translatedUrls != null) {
      urls.putAll(translatedUrls);
    }
    builder.translatedUrls(urls);

    // creating system directory
    getLog().info("Creating work directory");
    builder.homeDirectory(workDirectory.toPath());
    IoUtils.deleteRecursive(workDirectory);
    workDirectory.mkdirs();

    List<String> startupKars = new ArrayList<>();
    List<String> bootKars = new ArrayList<>();
    List<String> installedKars = new ArrayList<>();

    // Loading kars and features repositories
    getLog().info("Loading kar and features repositories dependencies");
    for (Artifact artifact : project.getDependencyArtifacts()) {
      Builder.Stage stage;
      switch (artifact.getScope()) {
        case "compile":
          stage = Builder.Stage.Startup;
          break;
        case "runtime":
          stage = Builder.Stage.Boot;
          break;
        case "provided":
          stage = Builder.Stage.Installed;
          break;
        default:
          continue;
      }
      if ("kar".equals(artifact.getType())) {
        String uri = artifactToMvn(artifact);
        switch (stage) {
          case Startup:
            startupKars.add(uri);
            break;
          case Boot:
            bootKars.add(uri);
            break;
          case Installed:
            installedKars.add(uri);
            break;
        }
      } else if ("features".equals(artifact.getClassifier())) {
        String uri = artifactToMvn(artifact);
        switch (stage) {
          case Startup:
            startupRepositories.add(uri);
            break;
          case Boot:
            bootRepositories.add(uri);
            break;
          case Installed:
            installedRepositories.add(uri);
            break;
        }
      } else if ("jar".equals(artifact.getType()) || "bundle".equals(artifact.getType())) {
        String uri = artifactToMvn(artifact);
        switch (stage) {
          case Startup:
            startupBundles.add(uri);
            break;
          case Boot:
            bootBundles.add(uri);
            break;
          case Installed:
            installedBundles.add(uri);
            break;
        }
      }
    }

    builder
        .karafVersion(karafVersion)
        .useReferenceUrls(useReferenceUrls)
        .defaultAddAll(installAllFeaturesByDefault)
        .ignoreDependencyFlag(ignoreDependencyFlag);
    if (profilesUri != null) {
      builder.profilesUris(profilesUri);
    }
    if (libraries != null) {
      builder.libraries(libraries.toArray(new String[libraries.size()]));
    }
    // Startup
    builder
        .defaultStage(Builder.Stage.Startup)
        .kars(toArray(startupKars))
        .repositories(
            startupFeatures.isEmpty() && startupProfiles.isEmpty() && installAllFeaturesByDefault,
            toArray(startupRepositories))
        .features(toArray(startupFeatures))
        .bundles(toArray(startupBundles))
        .profiles(toArray(startupProfiles));
    // Boot
    builder
        .defaultStage(Builder.Stage.Boot)
        .kars(toArray(bootKars))
        .repositories(
            bootFeatures.isEmpty() && bootProfiles.isEmpty() && installAllFeaturesByDefault,
            toArray(bootRepositories))
        .features(toArray(bootFeatures))
        .bundles(toArray(bootBundles))
        .profiles(toArray(bootProfiles));
    // Installed
    builder
        .defaultStage(Builder.Stage.Installed)
        .kars(toArray(installedKars))
        .repositories(
            installedFeatures.isEmpty()
                && installedProfiles.isEmpty()
                && installAllFeaturesByDefault,
            toArray(installedRepositories))
        .features(toArray(installedFeatures))
        .bundles(toArray(installedBundles))
        .profiles(toArray(installedProfiles));

    // Generate the assembly
    builder.generateAssembly();

    // Include project classes content
    if (includeBuildOutputDirectory)
      IoUtils.copyDirectory(new File(project.getBuild().getOutputDirectory()), workDirectory);

    // Overwrite assembly dir contents
    if (sourceDirectory.exists()) IoUtils.copyDirectory(sourceDirectory, workDirectory);

    // Chmod the bin/* scripts
    File[] files = new File(workDirectory, "bin").listFiles();
    if (files != null) {
      for (File file : files) {
        if (!file.getName().endsWith(".bat")) {
          try {
            Files.setPosixFilePermissions(
                file.toPath(), PosixFilePermissions.fromString("rwxr-xr-x"));
          } catch (Throwable ignore) {
            // we tried our best, perhaps the OS does not support posix file perms.
          }
        }
      }
    }
  }