Exemplo n.º 1
0
 /**
  * Verify the permissions for a file localized as a public distributed cache file
  *
  * @param fs The Local FileSystem used to get the permissions
  * @param localCacheFiles The list of files whose permissions should be verified.
  * @throws IOException
  */
 public static void checkPublicFilePermissions(FileSystem fs, Path[] localCacheFiles)
     throws IOException {
   // All the files should have read and executable permissions for others
   for (Path p : localCacheFiles) {
     FsPermission perm = fs.getFileStatus(p).getPermission();
     assertTrue(
         "cache file is not readable / executable by owner: perm=" + perm.getUserAction(),
         perm.getUserAction().implies(FsAction.READ_EXECUTE));
     assertTrue(
         "cache file is not readable / executable by group: perm=" + perm.getGroupAction(),
         perm.getGroupAction().implies(FsAction.READ_EXECUTE));
     assertTrue(
         "cache file is not readable / executable by others: perm=" + perm.getOtherAction(),
         perm.getOtherAction().implies(FsAction.READ_EXECUTE));
   }
 }
Exemplo n.º 2
0
 /**
  * Checks for a given path whether the Other permissions on it imply the permission in the passed
  * FsAction
  *
  * @param fs
  * @param path
  * @param action
  * @return true if the path in the uri is visible to all, false otherwise
  * @throws IOException
  */
 private static boolean checkPermissionOfOther(FileSystem fs, Path path, FsAction action)
     throws IOException {
   FileStatus status = fs.getFileStatus(path);
   FsPermission perms = status.getPermission();
   FsAction otherAction = perms.getOtherAction();
   if (otherAction.implies(action)) {
     return true;
   }
   return false;
 }
 public static boolean canAllRead(FsPermission p) {
   FsAction otherAction = p.getOtherAction();
   switch (otherAction) {
     case ALL:
     case READ:
     case READ_EXECUTE:
     case READ_WRITE:
       return true;
     default:
       return false;
   }
 }
Exemplo n.º 4
0
  /**
   * Set permissions to the required value. Uses the java primitives instead of forking if group ==
   * other.
   *
   * @param f the file to change
   * @param permission the new permissions
   * @throws IOException
   */
  public static void setPermission(File f, FsPermission permission) throws IOException {
    FsAction user = permission.getUserAction();
    FsAction group = permission.getGroupAction();
    FsAction other = permission.getOtherAction();

    // use the native/fork if the group/other permissions are different
    // or if the native is available
    if (group != other || NativeIO.isAvailable()) {
      execSetPermission(f, permission);
      return;
    }

    boolean rv = true;

    // read perms
    rv = f.setReadable(group.implies(FsAction.READ), false);
    checkReturnValue(rv, f, permission);
    if (group.implies(FsAction.READ) != user.implies(FsAction.READ)) {
      f.setReadable(user.implies(FsAction.READ), true);
      checkReturnValue(rv, f, permission);
    }

    // write perms
    rv = f.setWritable(group.implies(FsAction.WRITE), false);
    checkReturnValue(rv, f, permission);
    if (group.implies(FsAction.WRITE) != user.implies(FsAction.WRITE)) {
      f.setWritable(user.implies(FsAction.WRITE), true);
      checkReturnValue(rv, f, permission);
    }

    // exec perms
    rv = f.setExecutable(group.implies(FsAction.EXECUTE), false);
    checkReturnValue(rv, f, permission);
    if (group.implies(FsAction.EXECUTE) != user.implies(FsAction.EXECUTE)) {
      f.setExecutable(user.implies(FsAction.EXECUTE), true);
      checkReturnValue(rv, f, permission);
    }
  }
  // BZ908899
  @Test
  public void testPermissionsChanging() throws Exception {
    Path theFile = new Path("/mnt/glusterfs/changePerms/a");

    fs.create(theFile);

    FsPermission originalPermissions = this.fs.getFileStatus(theFile).getPermission();
    FsPermission changeTo = new FsPermission(FsAction.WRITE, FsAction.WRITE, FsAction.WRITE);
    this.fs.setPermission(theFile, changeTo);

    /**
     * Sanity check: Assert that the original permissions are different than the ones we changed to.
     */
    Assert.assertNotSame(originalPermissions, changeTo);

    /** Assert that we indeed changed the privileges to the exact expected values. */
    Assert.assertTrue(
        this.fs
            .getFileStatus(theFile)
            .getPermission()
            .getGroupAction()
            .equals(changeTo.getGroupAction()));
    Assert.assertTrue(
        this.fs
            .getFileStatus(theFile)
            .getPermission()
            .getUserAction()
            .equals(changeTo.getUserAction()));
    Assert.assertTrue(
        this.fs
            .getFileStatus(theFile)
            .getPermission()
            .getOtherAction()
            .equals(changeTo.getOtherAction()));
    fs.delete(new Path("mnt"), true);
  }
  @BeforeClass
  public static void startCluster() throws IOException {
    GCWatcher.init(0.60);
    LocalFileSystem localFS = FileSystem.getLocal(new Configuration());
    File testDirectory = new File(TMPDIR, "blur-cluster-test").getAbsoluteFile();
    testDirectory.mkdirs();

    Path directory = new Path(testDirectory.getPath());
    FsPermission dirPermissions = localFS.getFileStatus(directory).getPermission();
    FsAction userAction = dirPermissions.getUserAction();
    FsAction groupAction = dirPermissions.getGroupAction();
    FsAction otherAction = dirPermissions.getOtherAction();

    StringBuilder builder = new StringBuilder();
    builder.append(userAction.ordinal());
    builder.append(groupAction.ordinal());
    builder.append(otherAction.ordinal());
    String dirPermissionNum = builder.toString();
    System.setProperty("dfs.datanode.data.dir.perm", dirPermissionNum);
    testDirectory.delete();
    miniCluster = new MiniCluster();
    miniCluster.startBlurCluster(new File(testDirectory, "cluster").getAbsolutePath(), 2, 3, true);
    connectionStr = miniCluster.getControllerConnectionStr();
  }