List of usage examples for java.nio.file.attribute PosixFilePermission OWNER_READ
PosixFilePermission OWNER_READ
To view the source code for java.nio.file.attribute PosixFilePermission OWNER_READ.
Click Source Link
From source file:org.apache.nifi.minifi.bootstrap.RunMiNiFi.java
private synchronized void saveProperties(final Properties minifiProps, final Logger logger) throws IOException { final String pid = minifiProps.getProperty(PID_KEY); if (!StringUtils.isBlank(pid)) { writePidFile(pid, logger);/*from w w w .j av a 2s . c om*/ } final File statusFile = getStatusFile(logger); if (statusFile.exists() && !statusFile.delete()) { logger.warn("Failed to delete {}", statusFile); } if (!statusFile.createNewFile()) { throw new IOException("Failed to create file " + statusFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.OTHERS_READ); Files.setPosixFilePermissions(statusFile.toPath(), perms); } catch (final Exception e) { logger.warn( "Failed to set permissions so that only the owner can read status file {}; " + "this may allows others to have access to the key needed to communicate with MiNiFi. " + "Permissions should be changed so that only the owner can read this file", statusFile); } try (final FileOutputStream fos = new FileOutputStream(statusFile)) { minifiProps.store(fos, null); fos.getFD().sync(); } logger.debug("Saved Properties {} to {}", new Object[] { minifiProps, statusFile }); }
From source file:org.apache.nifi.bootstrap.RunNiFi.java
private synchronized void savePidProperties(final Properties pidProperties, final Logger logger) throws IOException { final String pid = pidProperties.getProperty(PID_KEY); if (!StringUtils.isBlank(pid)) { writePidFile(pid, logger);/*from www .java2 s . com*/ } final File statusFile = getStatusFile(logger); if (statusFile.exists() && !statusFile.delete()) { logger.warn("Failed to delete {}", statusFile); } if (!statusFile.createNewFile()) { throw new IOException("Failed to create file " + statusFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(statusFile.toPath(), perms); } catch (final Exception e) { logger.warn( "Failed to set permissions so that only the owner can read status file {}; " + "this may allows others to have access to the key needed to communicate with NiFi. " + "Permissions should be changed so that only the owner can read this file", statusFile); } try (final FileOutputStream fos = new FileOutputStream(statusFile)) { pidProperties.store(fos, null); fos.getFD().sync(); } logger.debug("Saved Properties {} to {}", new Object[] { pidProperties, statusFile }); }
From source file:com.facebook.buck.util.ProjectFilesystemTest.java
@Test public void testCreateReadOnlyFileSetsPermissions() throws IOException { Path path = Paths.get("hello.txt"); ImmutableSet<PosixFilePermission> permissions = ImmutableSet.<PosixFilePermission>of( PosixFilePermission.OWNER_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OTHERS_READ); filesystem.writeContentsToPath("hello world", path, PosixFilePermissions.asFileAttribute(permissions)); // The umask may restrict the actual permissions on the filesystem: // https://fburl.com/26569549 // So the best we can do is to check that the actual permissions are a // strict subset of the expected permissions. PosixFileAttributes attrs = filesystem.readAttributes(path, PosixFileAttributes.class); assertTrue(permissions.containsAll(attrs.permissions())); }
From source file:org.apache.nifi.minifi.bootstrap.RunMiNiFi.java
private synchronized void writePidFile(final String pid, final Logger logger) throws IOException { final File pidFile = getPidFile(logger); if (pidFile.exists() && !pidFile.delete()) { logger.warn("Failed to delete {}", pidFile); }/* ww w . ja va 2 s . c o m*/ if (!pidFile.createNewFile()) { throw new IOException("Failed to create file " + pidFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(pidFile.toPath(), perms); } catch (final Exception e) { logger.warn("Failed to set permissions so that only the owner can read pid file {}; " + "this may allows others to have access to the key needed to communicate with MiNiFi. " + "Permissions should be changed so that only the owner can read this file", pidFile); } try (final FileOutputStream fos = new FileOutputStream(pidFile)) { fos.write(pid.getBytes(StandardCharsets.UTF_8)); fos.getFD().sync(); } logger.debug("Saved Pid {} to {}", new Object[] { pid, pidFile }); }
From source file:org.apache.nifi.bootstrap.RunNiFi.java
private synchronized void writePidFile(final String pid, final Logger logger) throws IOException { final File pidFile = getPidFile(logger); if (pidFile.exists() && !pidFile.delete()) { logger.warn("Failed to delete {}", pidFile); }//from w ww. j a v a 2s . c om if (!pidFile.createNewFile()) { throw new IOException("Failed to create file " + pidFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.OTHERS_READ); Files.setPosixFilePermissions(pidFile.toPath(), perms); } catch (final Exception e) { logger.warn("Failed to set permissions so that only the owner can read pid file {}; " + "this may allows others to have access to the key needed to communicate with NiFi. " + "Permissions should be changed so that only the owner can read this file", pidFile); } try (final FileOutputStream fos = new FileOutputStream(pidFile)) { fos.write(pid.getBytes(StandardCharsets.UTF_8)); fos.getFD().sync(); } logger.debug("Saved Pid {} to {}", new Object[] { pid, pidFile }); }
From source file:com.facebook.buck.io.filesystem.impl.DefaultProjectFilesystemTest.java
@Test public void testCreateReadOnlyFileSetsPermissions() throws IOException { Assume.assumeTrue(FileSystems.getDefault().supportedFileAttributeViews().contains("posix")); Path path = Paths.get("hello.txt"); ImmutableSet<PosixFilePermission> permissions = ImmutableSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OTHERS_READ); filesystem.writeContentsToPath("hello world", path, PosixFilePermissions.asFileAttribute(permissions)); // The umask may restrict the actual permissions on the filesystem: // https://fburl.com/26569549 // So the best we can do is to check that the actual permissions are a // strict subset of the expected permissions. PosixFileAttributes attrs = filesystem.readAttributes(path, PosixFileAttributes.class); assertTrue(permissions.containsAll(attrs.permissions())); }
From source file:com.streamsets.datacollector.http.TestWebServerTaskHttpHttps.java
@Test public void testAuthorizationConstraints() throws Exception { WebAppProvider webAppProvider = new WebAppProvider() { @Override// w w w . j a va 2s.com public ServletContextHandler get() { ServletContextHandler handler = new ServletContextHandler(); handler.setContextPath("/webapp"); handler.addServlet(new ServletHolder(new PingServlet()), "/ping"); handler.addServlet(new ServletHolder(new PingServlet()), "/rest/v1/ping"); handler.addServlet(new ServletHolder(new PingServlet()), "/public-rest/v1/ping"); return handler; } @Override public void postStart() { } }; Configuration conf = new Configuration(); int httpPort = getRandomPort(); conf.set(WebServerTask.AUTHENTICATION_KEY, "basic"); conf.set(WebServerTask.HTTP_PORT_KEY, httpPort); String confDir = createTestDir(); File realmFile = new File(confDir, "basic-realm.properties"); try (InputStream is = Thread.currentThread().getContextClassLoader() .getResourceAsStream("basic-realm.properties"); OutputStream os = new FileOutputStream(realmFile)) { IOUtils.copy(is, os); } Set<PosixFilePermission> set = new HashSet<>(); set.add(PosixFilePermission.OWNER_EXECUTE); set.add(PosixFilePermission.OWNER_READ); set.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(realmFile.toPath(), set); final WebServerTask ws = createWebServerTask(confDir, conf, ImmutableSet.of(webAppProvider)); try { ws.initTask(); new Thread() { @Override public void run() { ws.runTask(); } }.start(); Thread.sleep(1000); String baseUrl = "http://127.0.0.1:" + httpPort; // root app HttpURLConnection conn = (HttpURLConnection) new URL(baseUrl + "/ping").openConnection(); conn.setRequestProperty(CsrfProtectionFilter.HEADER_NAME, "CSRF"); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/public-rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/public-rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); // web app conn = (HttpURLConnection) new URL(baseUrl + "/webapp/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/webapp/rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/webapp/public-rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/public-rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); } finally { ws.stopTask(); } }
From source file:com.virtualparadigm.packman.processor.JPackageManager.java
public static boolean autorun(File autorunDir, Map<String, String> environmentVariableMap) { logger.info("PackageManager::autorun()"); boolean status = true; if (autorunDir != null && autorunDir.isDirectory()) { File[] autorunFiles = autorunDir.listFiles(); Arrays.sort(autorunFiles); String fileExtension = null; DefaultExecutor cmdExecutor = new DefaultExecutor(); // String sqlScriptFilePath = null; // Reader sqlScriptReader = null; // Properties sqlScriptProperties = null; for (File autorunFile : autorunFiles) { if (!autorunFile.isDirectory()) { try { fileExtension = FilenameUtils.getExtension(autorunFile.getAbsolutePath()); if (fileExtension != null) { if (fileExtension.equalsIgnoreCase("bat")) { logger.info(" executing autorun batch script: " + autorunFile.getAbsolutePath()); logger.info(" executing autorun environment: " + EnvironmentUtils.toStrings(environmentVariableMap)); cmdExecutor.execute(CommandLine.parse(autorunFile.getAbsolutePath()), environmentVariableMap); } else if (fileExtension.equalsIgnoreCase("sh")) { Set<PosixFilePermission> permissionSet = new HashSet<PosixFilePermission>(); permissionSet.add(PosixFilePermission.OWNER_READ); permissionSet.add(PosixFilePermission.OWNER_WRITE); permissionSet.add(PosixFilePermission.OWNER_EXECUTE); permissionSet.add(PosixFilePermission.OTHERS_READ); permissionSet.add(PosixFilePermission.OTHERS_WRITE); permissionSet.add(PosixFilePermission.OTHERS_EXECUTE); permissionSet.add(PosixFilePermission.GROUP_READ); permissionSet.add(PosixFilePermission.GROUP_WRITE); permissionSet.add(PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(Paths.get(autorunFile.toURI()), permissionSet); logger.info(" executing autorun shell script: " + autorunFile.getAbsolutePath()); logger.info(" executing autorun environment: " + EnvironmentUtils.toStrings(environmentVariableMap)); cmdExecutor.execute(CommandLine.parse(autorunFile.getAbsolutePath()), environmentVariableMap); } else if (fileExtension.equalsIgnoreCase("sql") || fileExtension.equalsIgnoreCase("ddl")) { logger.info(" executing autorun file: " + autorunFile.getAbsolutePath()); // look for properties file named same as script file for connection properties // sqlScriptFilePath = autorunFile.getAbsolutePath(); // sqlScriptProperties = PropertyLoader.loadProperties(sqlScriptFilePath.substring(0, sqlScriptFilePath.length()-3) + "properties"); // sqlScriptReader = new FileReader(autorunFile.getAbsolutePath()); } else if (fileExtension.equalsIgnoreCase("jar")) { logger.info(" executing autorun file: " + autorunFile.getAbsolutePath()); }// w w w.j a va 2 s .c om } } catch (Exception e) { logger.error("", e); e.printStackTrace(); } } } } return status; }
From source file:org.apache.hadoop.yarn.server.security.CertificateLocalizationService.java
private void materializeInternalX509(X509SecurityMaterial material) throws IOException { writeX509ToLocalFS(material.getKeyStoreMem(), material.getKeyStoreLocation().toFile(), material.getTrustStoreMem(), material.getTrustStoreLocation().toFile(), material.getKeyStorePass(), material.getPasswdLocation().toFile()); if (service == ServiceType.NM) { Set<PosixFilePermission> materialPermissions = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(material.getCertFolder(), materialPermissions); Files.setPosixFilePermissions(material.getKeyStoreLocation(), materialPermissions); Files.setPosixFilePermissions(material.getTrustStoreLocation(), materialPermissions); Files.setPosixFilePermissions(material.getPasswdLocation(), materialPermissions); }/* ww w. ja va 2 s. c o m*/ }
From source file:org.apache.hadoop.yarn.server.security.CertificateLocalizationService.java
private void materializeInternalJWT(JWTSecurityMaterial material) throws IOException { FileUtils.writeStringToFile(material.getTokenLocation().toFile(), material.getToken()); if (service == ServiceType.NM) { Set<PosixFilePermission> materialPermissions = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(material.getCertFolder(), materialPermissions); Files.setPosixFilePermissions(material.getTokenLocation(), materialPermissions); }//from w w w.j a v a 2s .com }