List of usage examples for java.nio.file.attribute PosixFilePermission OTHERS_EXECUTE
PosixFilePermission OTHERS_EXECUTE
To view the source code for java.nio.file.attribute PosixFilePermission OTHERS_EXECUTE.
Click Source Link
From source file:net.krotscheck.util.ResourceUtilTest.java
/** * Assert that we can read a resource as a stream. * * @throws Exception Should not be thrown. *///from ww w . j a v a 2s . c o m @Test public void testGetResourceAsStream() throws Exception { String name = "/valid-resource-file.txt"; InputStream stream = ResourceUtil.getResourceAsStream(name); Assert.assertTrue(stream.available() > 0); String invalidName = "/invalid-resource-file.txt"; InputStream invalidContent = ResourceUtil.getResourceAsStream(invalidName); Assert.assertTrue(invalidContent instanceof NullInputStream); Assert.assertTrue(invalidContent.available() == 0); // Make the file write only File resource = ResourceUtil.getFileForResource(name); Set<PosixFilePermission> oldPerms = Files.getPosixFilePermissions(resource.toPath()); Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.OTHERS_EXECUTE); // Write only... Files.setPosixFilePermissions(resource.toPath(), perms); String writeOnlyName = "/valid-resource-file.txt"; InputStream writeOnlyContent = ResourceUtil.getResourceAsStream(writeOnlyName); Assert.assertTrue(writeOnlyContent instanceof NullInputStream); Assert.assertTrue(writeOnlyContent.available() == 0); Files.setPosixFilePermissions(resource.toPath(), oldPerms); }
From source file:org.assertj.examples.PathAssertionsExamples.java
@Test public void path_rwx_assertion() throws Exception { assumeTrue(SystemUtils.IS_OS_UNIX);/* w w w .j ava 2s . co m*/ // Create a file and set permissions to be readable by all. write(rwxFile, "rwx file".getBytes()); // using PosixFilePermission to set file permissions 777 Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>(); // add owners permission perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); // add group permissions perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); // add others permissions perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(rwxFile, perms); final Path symlinkToRwxFile = FileSystems.getDefault().getPath("symlink-to-rwxFile"); if (!Files.exists(symlinkToRwxFile)) { createSymbolicLink(symlinkToRwxFile, rwxFile); } // The following assertions succeed: assertThat(rwxFile).isReadable().isWritable().isExecutable(); assertThat(symlinkToRwxFile).isReadable().isWritable().isExecutable(); }
From source file:org.roda.core.plugins.InternalPluginsTest.java
@BeforeClass public void setUp() throws Exception { basePath = TestsHelper.createBaseTempDir(getClass(), true, PosixFilePermissions.asFileAttribute(new HashSet<>(Arrays.asList(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_EXECUTE)))); boolean deploySolr = true; boolean deployLdap = true; boolean deployFolderMonitor = true; boolean deployOrchestrator = true; boolean deployPluginManager = true; boolean deployDefaultResources = false; RodaCoreFactory.instantiateTest(deploySolr, deployLdap, deployFolderMonitor, deployOrchestrator, deployPluginManager, deployDefaultResources); model = RodaCoreFactory.getModelService(); index = RodaCoreFactory.getIndexService(); LOGGER.info("Running internal plugins tests under storage {}", basePath); }
From source file:org.apache.hadoop.yarn.server.security.CertificateLocalizationService.java
@Override protected void serviceInit(Configuration conf) throws Exception { parseSuperuserMaterial(conf);/*from w w w . j a v a2 s. c o m*/ String localizationDir = service.toString() + "_" + LOCALIZATION_DIR_NAME; materializeDir = Paths.get(SYSTEM_TMP, localizationDir); File fileMaterializeDir = materializeDir.toFile(); if (!fileMaterializeDir.exists()) { fileMaterializeDir.mkdir(); Set<PosixFilePermission> materializeDirPerm; if (service == ServiceType.NM) { // the nm user should have full access to the directory, everyone else should have only execute access // to traverse the directory materializeDirPerm = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_EXECUTE); } else { // Only the rm user should access to this directory materializeDirPerm = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE); } Files.setPosixFilePermissions(materializeDir, materializeDirPerm); } LOG.debug("Initialized at dir: " + materializeDir.toString()); super.serviceInit(conf); }
From source file:org.verwandlung.voj.judger.core.Preprocessor.java
/** * ???./*from w ww .ja v a 2 s.co m*/ * Linux, ?UID=1536?, ?Others???. * @param workDirectory */ private void setWorkDirectoryPermission(File workDirectory) throws IOException { if (!System.getProperty("os.name").contains("Windows")) { Set<PosixFilePermission> permissions = new HashSet<>(); permissions.add(PosixFilePermission.OWNER_READ); permissions.add(PosixFilePermission.OWNER_WRITE); permissions.add(PosixFilePermission.OWNER_EXECUTE); permissions.add(PosixFilePermission.GROUP_READ); permissions.add(PosixFilePermission.GROUP_WRITE); permissions.add(PosixFilePermission.GROUP_EXECUTE); permissions.add(PosixFilePermission.OTHERS_READ); permissions.add(PosixFilePermission.OTHERS_WRITE); permissions.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(workDirectory.toPath(), permissions); } }
From source file:org.ng200.openolympus.cerberus.executors.JavaExecutor.java
@Override public ExecutionResult execute(final Path program) throws IOException { final Path chrootRoot = this.storage.getPath().resolve("chroot"); final Path chrootedProgram = chrootRoot.resolve(program.getFileName().toString()); FileAccess.createDirectories(chrootedProgram); FileAccess.copyDirectory(program, chrootedProgram, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.COPY_ATTRIBUTES); final Path outOfMemoryFile = chrootRoot.resolve("outOfMemory"); final Path policyFile = this.storage.getPath().resolve("olymp.policy"); try (Stream<Path> paths = FileAccess.walkPaths(storage.getPath())) { paths.forEach(path -> {//from w ww . j av a2 s . c om try { Files.setPosixFilePermissions(path, new HashSet<PosixFilePermission>( Lists.from(PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.OTHERS_EXECUTE, PosixFilePermission.OTHERS_READ))); } catch (Exception e) { throw new RuntimeException(e); } }); } this.buildPolicy(chrootRoot, policyFile); final CommandLine commandLine = new CommandLine("sudo"); commandLine.addArgument("olympus_watchdog"); this.setUpOlrunnerLimits(commandLine); commandLine.addArgument("--security=0"); commandLine.addArgument("--jail=/"); commandLine.addArgument("--"); commandLine.addArgument("/usr/bin/java"); commandLine.addArgument("-classpath"); commandLine.addArgument(chrootedProgram.toAbsolutePath().toString()); commandLine.addArgument("-Djava.security.manager"); commandLine.addArgument("-Djava.security.policy=" + policyFile.toAbsolutePath().toString()); commandLine.addArgument("-Xmx" + this.getMemoryLimit()); commandLine.addArgument("-Xms" + this.getMemoryLimit()); commandLine.addArgument(MessageFormat.format("-XX:OnOutOfMemoryError=touch {0}; echo \"\" > {0}", outOfMemoryFile.toAbsolutePath().toString()), false); commandLine.addArgument("Main"); final DefaultExecutor executor = new DefaultExecutor(); executor.setWatchdog(new ExecuteWatchdog(20000)); // 20 seconds for the // sandbox to // complete executor.setWorkingDirectory(chrootRoot.toFile()); executor.setStreamHandler(new PumpStreamHandler(this.outputStream, this.errorStream, this.inputStream)); try { executor.execute(commandLine); } catch (final IOException e) { if (!e.getMessage().toLowerCase().equals("stream closed")) { throw e; } } final ExecutionResult readOlrunnerVerdict = this.readOlrunnerVerdict(chrootRoot.resolve("verdict.txt")); if (FileAccess.exists(outOfMemoryFile)) { readOlrunnerVerdict.setResultType(ExecutionResultType.MEMORY_LIMIT); } readOlrunnerVerdict.setMemoryPeak(this.getMemoryLimit()); return readOlrunnerVerdict; }
From source file:org.mitre.mpf.wfm.util.PropertiesUtil.java
@PostConstruct private void init() throws IOException, WfmProcessingException { parseCoreMpfNodes();/*from ww w.j a v a2 s . c o m*/ mpfPropertiesConfig = mpfPropertiesConfigBuilder.getCompleteConfiguration(); if (!mediaTypesFile.exists()) { copyResource(mediaTypesFile, getMediaTypesTemplate()); } Set<PosixFilePermission> permissions = new HashSet<>(); permissions.add(PosixFilePermission.OWNER_READ); permissions.add(PosixFilePermission.OWNER_WRITE); permissions.add(PosixFilePermission.OWNER_EXECUTE); Path share = Paths.get(getSharePath()).toAbsolutePath(); if (!Files.exists(share)) { share = Files.createDirectories(share, PosixFilePermissions.asFileAttribute(permissions)); } if (!Files.exists(share) || !Files.isDirectory(share)) { throw new WfmProcessingException( String.format("Failed to create the path '%s'. It does not exist or it is not a directory.", share.toString())); } artifactsDirectory = createOrFail(share, "artifacts", permissions); markupDirectory = createOrFail(share, "markup", permissions); outputObjectsDirectory = createOrFail(share, "output-objects", permissions); remoteMediaCacheDirectory = createOrFail(share, "remote-media", permissions); uploadedComponentsDirectory = createOrFail(share, getComponentUploadDirName(), permissions); createOrFail(getPluginDeploymentPath().toPath(), "", EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_EXECUTE)); // create the default models directory, although the user may have set "detection.models.dir.path" to something else createOrFail(share, "models", permissions); log.info("All file resources are stored within the shared directory '{}'.", share); log.debug("Artifacts Directory = {}", artifactsDirectory); log.debug("Markup Directory = {}", markupDirectory); log.debug("Output Objects Directory = {}", outputObjectsDirectory); log.debug("Remote Media Cache Directory = {}", remoteMediaCacheDirectory); log.debug("Uploaded Components Directory = {}", uploadedComponentsDirectory); }
From source file:io.hops.hopsworks.common.dao.jupyter.config.JupyterConfigFilesGenerator.java
private boolean createJupyterDirs(JupyterPaths jp) throws IOException { File projectDir = new File(jp.getProjectUserPath()); projectDir.mkdirs();//from ww w . j a v a 2 s. co m File baseDir = new File(jp.getNotebookPath()); baseDir.mkdirs(); // Set owner persmissions Set<PosixFilePermission> xOnly = new HashSet<>(); xOnly.add(PosixFilePermission.OWNER_WRITE); xOnly.add(PosixFilePermission.OWNER_READ); xOnly.add(PosixFilePermission.OWNER_EXECUTE); xOnly.add(PosixFilePermission.GROUP_WRITE); xOnly.add(PosixFilePermission.GROUP_EXECUTE); Set<PosixFilePermission> perms = new HashSet<>(); //add owners permission perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); //add group permissions perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); //add others permissions perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(Paths.get(jp.getNotebookPath()), perms); Files.setPosixFilePermissions(Paths.get(jp.getProjectUserPath()), xOnly); new File(jp.getConfDirPath() + "/custom").mkdirs(); new File(jp.getRunDirPath()).mkdirs(); new File(jp.getLogDirPath()).mkdirs(); new File(jp.getCertificatesDir()).mkdirs(); return true; }
From source file:io.hops.hopsworks.common.security.CertificatesMgmService.java
@PostConstruct public void init() { masterPasswordFile = new File(settings.getHopsworksMasterEncPasswordFile()); if (!masterPasswordFile.exists()) { throw new IllegalStateException("Master encryption file does not exist"); }/*from w w w . jav a 2 s.co m*/ try { PosixFileAttributeView fileView = Files.getFileAttributeView(masterPasswordFile.toPath(), PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS); Set<PosixFilePermission> filePermissions = fileView.readAttributes().permissions(); boolean ownerRead = filePermissions.contains(PosixFilePermission.OWNER_READ); boolean ownerWrite = filePermissions.contains(PosixFilePermission.OWNER_WRITE); boolean ownerExecute = filePermissions.contains(PosixFilePermission.OWNER_EXECUTE); boolean groupRead = filePermissions.contains(PosixFilePermission.GROUP_READ); boolean groupWrite = filePermissions.contains(PosixFilePermission.GROUP_WRITE); boolean groupExecute = filePermissions.contains(PosixFilePermission.GROUP_EXECUTE); boolean othersRead = filePermissions.contains(PosixFilePermission.OTHERS_READ); boolean othersWrite = filePermissions.contains(PosixFilePermission.OTHERS_WRITE); boolean othersExecute = filePermissions.contains(PosixFilePermission.OTHERS_EXECUTE); // Permissions should be 700 if ((ownerRead && ownerWrite && ownerExecute) && (!groupRead && !groupWrite && !groupExecute) && (!othersRead && !othersWrite && !othersExecute)) { String owner = fileView.readAttributes().owner().getName(); String group = fileView.readAttributes().group().getName(); String permStr = PosixFilePermissions.toString(filePermissions); LOG.log(Level.INFO, "Passed permissions check for file " + masterPasswordFile.getAbsolutePath() + ". Owner: " + owner + " Group: " + group + " Permissions: " + permStr); } else { throw new IllegalStateException("Wrong permissions for file " + masterPasswordFile.getAbsolutePath() + ", it should be 700"); } } catch (UnsupportedOperationException ex) { LOG.log(Level.WARNING, "Associated filesystem is not POSIX compliant. " + "Continue without checking the permissions of " + masterPasswordFile.getAbsolutePath() + " This might be a security problem."); } catch (IOException ex) { throw new IllegalStateException( "Error while getting POSIX permissions of " + masterPasswordFile.getAbsolutePath()); } // Register handlers when master encryption password changes MasterPasswordChangeHandler<CertsFacade> psUserCertsHandler = new PSUserCertsMasterPasswordHandler( userFacade); psUserCertsHandler.setFacade(certsFacade); registerMasterPasswordChangeHandler(UserCerts.class, psUserCertsHandler); MasterPasswordChangeHandler<CertsFacade> pgUserCertsHandler = new PGUserCertsMasterPasswordHandler( projectFacade); pgUserCertsHandler.setFacade(certsFacade); registerMasterPasswordChangeHandler(ProjectGenericUserCerts.class, pgUserCertsHandler); MasterPasswordChangeHandler<ClusterCertificateFacade> delaClusterCertsHandler = new DelaCertsMasterPasswordHandler( settings); delaClusterCertsHandler.setFacade(clusterCertificateFacade); registerMasterPasswordChangeHandler(ClusterCertificate.class, delaClusterCertsHandler); }
From source file:org.kitodo.services.command.CommandServiceTest.java
public static void setFileExecuteable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_EXECUTE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.OTHERS_EXECUTE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); perms.add(PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(file.toPath(), perms); }