List of usage examples for java.nio.file.attribute PosixFilePermission GROUP_WRITE
PosixFilePermission GROUP_WRITE
To view the source code for java.nio.file.attribute PosixFilePermission GROUP_WRITE.
Click Source Link
From source file:org.verwandlung.voj.judger.core.Preprocessor.java
/** * ???./*from w ww. j a v a 2s . c om*/ * Linux, ?UID=1536?, ?Others???. * @param workDirectory */ private void setWorkDirectoryPermission(File workDirectory) throws IOException { if (!System.getProperty("os.name").contains("Windows")) { Set<PosixFilePermission> permissions = new HashSet<>(); permissions.add(PosixFilePermission.OWNER_READ); permissions.add(PosixFilePermission.OWNER_WRITE); permissions.add(PosixFilePermission.OWNER_EXECUTE); permissions.add(PosixFilePermission.GROUP_READ); permissions.add(PosixFilePermission.GROUP_WRITE); permissions.add(PosixFilePermission.GROUP_EXECUTE); permissions.add(PosixFilePermission.OTHERS_READ); permissions.add(PosixFilePermission.OTHERS_WRITE); permissions.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(workDirectory.toPath(), permissions); } }
From source file:org.kitodo.command.CommandTest.java
private static void setFileNotExecuteable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); Files.setPosixFilePermissions(file.toPath(), perms); }
From source file:org.ng200.openolympus.cerberus.executors.JavaExecutor.java
@Override public ExecutionResult execute(final Path program) throws IOException { final Path chrootRoot = this.storage.getPath().resolve("chroot"); final Path chrootedProgram = chrootRoot.resolve(program.getFileName().toString()); FileAccess.createDirectories(chrootedProgram); FileAccess.copyDirectory(program, chrootedProgram, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.COPY_ATTRIBUTES); final Path outOfMemoryFile = chrootRoot.resolve("outOfMemory"); final Path policyFile = this.storage.getPath().resolve("olymp.policy"); try (Stream<Path> paths = FileAccess.walkPaths(storage.getPath())) { paths.forEach(path -> {//w w w. j av a2 s. c om try { Files.setPosixFilePermissions(path, new HashSet<PosixFilePermission>( Lists.from(PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.OTHERS_EXECUTE, PosixFilePermission.OTHERS_READ))); } catch (Exception e) { throw new RuntimeException(e); } }); } this.buildPolicy(chrootRoot, policyFile); final CommandLine commandLine = new CommandLine("sudo"); commandLine.addArgument("olympus_watchdog"); this.setUpOlrunnerLimits(commandLine); commandLine.addArgument("--security=0"); commandLine.addArgument("--jail=/"); commandLine.addArgument("--"); commandLine.addArgument("/usr/bin/java"); commandLine.addArgument("-classpath"); commandLine.addArgument(chrootedProgram.toAbsolutePath().toString()); commandLine.addArgument("-Djava.security.manager"); commandLine.addArgument("-Djava.security.policy=" + policyFile.toAbsolutePath().toString()); commandLine.addArgument("-Xmx" + this.getMemoryLimit()); commandLine.addArgument("-Xms" + this.getMemoryLimit()); commandLine.addArgument(MessageFormat.format("-XX:OnOutOfMemoryError=touch {0}; echo \"\" > {0}", outOfMemoryFile.toAbsolutePath().toString()), false); commandLine.addArgument("Main"); final DefaultExecutor executor = new DefaultExecutor(); executor.setWatchdog(new ExecuteWatchdog(20000)); // 20 seconds for the // sandbox to // complete executor.setWorkingDirectory(chrootRoot.toFile()); executor.setStreamHandler(new PumpStreamHandler(this.outputStream, this.errorStream, this.inputStream)); try { executor.execute(commandLine); } catch (final IOException e) { if (!e.getMessage().toLowerCase().equals("stream closed")) { throw e; } } final ExecutionResult readOlrunnerVerdict = this.readOlrunnerVerdict(chrootRoot.resolve("verdict.txt")); if (FileAccess.exists(outOfMemoryFile)) { readOlrunnerVerdict.setResultType(ExecutionResultType.MEMORY_LIMIT); } readOlrunnerVerdict.setMemoryPeak(this.getMemoryLimit()); return readOlrunnerVerdict; }
From source file:io.hops.hopsworks.common.dao.jupyter.config.JupyterConfigFilesGenerator.java
private boolean createJupyterDirs(JupyterPaths jp) throws IOException { File projectDir = new File(jp.getProjectUserPath()); projectDir.mkdirs();// w w w. ja v a 2s . c om File baseDir = new File(jp.getNotebookPath()); baseDir.mkdirs(); // Set owner persmissions Set<PosixFilePermission> xOnly = new HashSet<>(); xOnly.add(PosixFilePermission.OWNER_WRITE); xOnly.add(PosixFilePermission.OWNER_READ); xOnly.add(PosixFilePermission.OWNER_EXECUTE); xOnly.add(PosixFilePermission.GROUP_WRITE); xOnly.add(PosixFilePermission.GROUP_EXECUTE); Set<PosixFilePermission> perms = new HashSet<>(); //add owners permission perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); //add group permissions perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); //add others permissions perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(Paths.get(jp.getNotebookPath()), perms); Files.setPosixFilePermissions(Paths.get(jp.getProjectUserPath()), xOnly); new File(jp.getConfDirPath() + "/custom").mkdirs(); new File(jp.getRunDirPath()).mkdirs(); new File(jp.getLogDirPath()).mkdirs(); new File(jp.getCertificatesDir()).mkdirs(); return true; }
From source file:io.hops.hopsworks.common.security.CertificatesMgmService.java
@PostConstruct public void init() { masterPasswordFile = new File(settings.getHopsworksMasterEncPasswordFile()); if (!masterPasswordFile.exists()) { throw new IllegalStateException("Master encryption file does not exist"); }//from ww w . j a va 2s . c om try { PosixFileAttributeView fileView = Files.getFileAttributeView(masterPasswordFile.toPath(), PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS); Set<PosixFilePermission> filePermissions = fileView.readAttributes().permissions(); boolean ownerRead = filePermissions.contains(PosixFilePermission.OWNER_READ); boolean ownerWrite = filePermissions.contains(PosixFilePermission.OWNER_WRITE); boolean ownerExecute = filePermissions.contains(PosixFilePermission.OWNER_EXECUTE); boolean groupRead = filePermissions.contains(PosixFilePermission.GROUP_READ); boolean groupWrite = filePermissions.contains(PosixFilePermission.GROUP_WRITE); boolean groupExecute = filePermissions.contains(PosixFilePermission.GROUP_EXECUTE); boolean othersRead = filePermissions.contains(PosixFilePermission.OTHERS_READ); boolean othersWrite = filePermissions.contains(PosixFilePermission.OTHERS_WRITE); boolean othersExecute = filePermissions.contains(PosixFilePermission.OTHERS_EXECUTE); // Permissions should be 700 if ((ownerRead && ownerWrite && ownerExecute) && (!groupRead && !groupWrite && !groupExecute) && (!othersRead && !othersWrite && !othersExecute)) { String owner = fileView.readAttributes().owner().getName(); String group = fileView.readAttributes().group().getName(); String permStr = PosixFilePermissions.toString(filePermissions); LOG.log(Level.INFO, "Passed permissions check for file " + masterPasswordFile.getAbsolutePath() + ". Owner: " + owner + " Group: " + group + " Permissions: " + permStr); } else { throw new IllegalStateException("Wrong permissions for file " + masterPasswordFile.getAbsolutePath() + ", it should be 700"); } } catch (UnsupportedOperationException ex) { LOG.log(Level.WARNING, "Associated filesystem is not POSIX compliant. " + "Continue without checking the permissions of " + masterPasswordFile.getAbsolutePath() + " This might be a security problem."); } catch (IOException ex) { throw new IllegalStateException( "Error while getting POSIX permissions of " + masterPasswordFile.getAbsolutePath()); } // Register handlers when master encryption password changes MasterPasswordChangeHandler<CertsFacade> psUserCertsHandler = new PSUserCertsMasterPasswordHandler( userFacade); psUserCertsHandler.setFacade(certsFacade); registerMasterPasswordChangeHandler(UserCerts.class, psUserCertsHandler); MasterPasswordChangeHandler<CertsFacade> pgUserCertsHandler = new PGUserCertsMasterPasswordHandler( projectFacade); pgUserCertsHandler.setFacade(certsFacade); registerMasterPasswordChangeHandler(ProjectGenericUserCerts.class, pgUserCertsHandler); MasterPasswordChangeHandler<ClusterCertificateFacade> delaClusterCertsHandler = new DelaCertsMasterPasswordHandler( settings); delaClusterCertsHandler.setFacade(clusterCertificateFacade); registerMasterPasswordChangeHandler(ClusterCertificate.class, delaClusterCertsHandler); }
From source file:org.kitodo.services.command.CommandServiceTest.java
public static void setFileExecuteable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.OTHERS_EXECUTE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(file.toPath(), perms); }
From source file:uk.ac.ebi.metabolights.webservice.utils.FileUtil.java
/** * Create a private FTP folder for uploading big study files * * @param folder/*from w w w .jav a 2 s . c o m*/ * @return a String containing created folder * @author jrmacias * @date 20151102 */ @PostConstruct public static Path createFtpFolder(String folder) throws IOException { String privateFTPRoot = PropertiesUtil.getProperty("privateFTPRoot"); // ~/ftp_private/ // create the folder File ftpFolder = new File(privateFTPRoot + File.separator + folder); Path folderPath = ftpFolder.toPath(); if (!ftpFolder.mkdir()) throw new IOException(); // set folder owner, group and access permissions // 'chmod 770' UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>(); // owner permissions perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); // group permissions perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); // apply changes Files.getFileAttributeView(folderPath, PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS) .setPermissions(perms); return folderPath; }
From source file:org.kitodo.services.command.CommandServiceTest.java
public static void setFileNotExecuteable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); Files.setPosixFilePermissions(file.toPath(), perms); }
From source file:io.hops.hopsworks.common.security.CertificateMaterializer.java
@PostConstruct public void init() { File tmpDir = new File(settings.getHopsworksTmpCertDir()); if (!tmpDir.exists()) { throw new IllegalStateException( "Transient certificates directory <" + tmpDir.getAbsolutePath() + "> does NOT exist!"); }/*from w ww .j a v a 2s . c om*/ try { PosixFileAttributeView fileView = Files.getFileAttributeView(tmpDir.toPath(), PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS); Set<PosixFilePermission> permissions = fileView.readAttributes().permissions(); boolean ownerRead = permissions.contains(PosixFilePermission.OWNER_READ); boolean ownerWrite = permissions.contains(PosixFilePermission.OWNER_WRITE); boolean ownerExecute = permissions.contains(PosixFilePermission.OWNER_EXECUTE); boolean groupRead = permissions.contains(PosixFilePermission.GROUP_READ); boolean groupWrite = permissions.contains(PosixFilePermission.GROUP_WRITE); boolean groupExecute = permissions.contains(PosixFilePermission.GROUP_EXECUTE); boolean othersRead = permissions.contains(PosixFilePermission.OTHERS_READ); boolean othersWrite = permissions.contains(PosixFilePermission.OTHERS_WRITE); boolean othersExecute = permissions.contains(PosixFilePermission.OTHERS_EXECUTE); // Permissions should be 750 if ((ownerRead && ownerWrite && ownerExecute) && (groupRead && !groupWrite && groupExecute) && (!othersRead && !othersWrite & !othersExecute)) { String owner = fileView.readAttributes().owner().getName(); String group = fileView.readAttributes().group().getName(); String permStr = PosixFilePermissions.toString(permissions); LOG.log(Level.INFO, "Passed permissions check for " + tmpDir.getAbsolutePath() + ". Owner: " + owner + " Group: " + group + " permissions: " + permStr); } else { throw new IllegalStateException( "Wrong permissions for " + tmpDir.getAbsolutePath() + ", it should be 0750"); } } catch (UnsupportedOperationException ex) { LOG.log(Level.WARNING, "Associated filesystem is not POSIX compliant. " + "Continue without checking the permissions of " + tmpDir.getAbsolutePath() + " This might be a security problem."); } catch (IOException ex) { throw new IllegalStateException( "Error while getting filesystem " + "permissions of " + tmpDir.getAbsolutePath(), ex); } try { FileUtils.cleanDirectory(tmpDir); } catch (IOException ex) { LOG.log(Level.WARNING, "Could not clean directory " + tmpDir.getAbsolutePath() + " during startup, there might be stale " + "certificates", ex); } transientDir = tmpDir.getAbsolutePath(); String delayRaw = settings.getCertificateMaterializerDelay(); DELAY_VALUE = settings.getConfTimeValue(delayRaw); DELAY_TIMEUNIT = settings.getConfTimeTimeUnit(delayRaw); try { String hostAddress = InetAddress.getLocalHost().getHostAddress(); long threadId = Thread.currentThread().getId(); String lock_identifier = hostAddress + "_" + threadId; lock_id = lock_identifier.length() <= 30 ? lock_identifier : lock_identifier.substring(0, 30); } catch (UnknownHostException ex) { throw new IllegalStateException(ex); } }
From source file:org.kitodo.filemanagement.FileManagementTest.java
private static void setFileExecutable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.OTHERS_EXECUTE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(file.toPath(), perms); }