List of usage examples for java.nio.file Files setPosixFilePermissions
public static Path setPosixFilePermissions(Path path, Set<PosixFilePermission> perms) throws IOException
From source file:org.kitodo.filemanagement.FileManagementTest.java
private static void setFileNotExecutable(File file) throws IOException { Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OTHERS_READ); perms.add(PosixFilePermission.OTHERS_WRITE); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.GROUP_WRITE); Files.setPosixFilePermissions(file.toPath(), perms); }
From source file:org.apache.nifi.registry.bootstrap.RunNiFiRegistry.java
private synchronized void writePidFile(final String pid, final Logger logger) throws IOException { final File pidFile = getPidFile(logger); if (pidFile.exists() && !pidFile.delete()) { logger.warn("Failed to delete {}", pidFile); }/* ww w. ja v a 2 s. c o m*/ if (!pidFile.createNewFile()) { throw new IOException("Failed to create file " + pidFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.OTHERS_READ); Files.setPosixFilePermissions(pidFile.toPath(), perms); } catch (final Exception e) { logger.warn("Failed to set permissions so that only the owner can read pid file {}; " + "this may allows others to have access to the key needed to communicate with NiFi Registry. " + "Permissions should be changed so that only the owner can read this file", pidFile); } try (final FileOutputStream fos = new FileOutputStream(pidFile)) { fos.write(pid.getBytes(StandardCharsets.UTF_8)); fos.getFD().sync(); } logger.debug("Saved Pid {} to {}", new Object[] { pid, pidFile }); }
From source file:org.apache.nifi.minifi.bootstrap.RunMiNiFi.java
private synchronized void saveProperties(final Properties minifiProps, final Logger logger) throws IOException { final String pid = minifiProps.getProperty(PID_KEY); if (!StringUtils.isBlank(pid)) { writePidFile(pid, logger);//from w w w . j ava 2 s . c o m } final File statusFile = getStatusFile(logger); if (statusFile.exists() && !statusFile.delete()) { logger.warn("Failed to delete {}", statusFile); } if (!statusFile.createNewFile()) { throw new IOException("Failed to create file " + statusFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.OTHERS_READ); Files.setPosixFilePermissions(statusFile.toPath(), perms); } catch (final Exception e) { logger.warn( "Failed to set permissions so that only the owner can read status file {}; " + "this may allows others to have access to the key needed to communicate with MiNiFi. " + "Permissions should be changed so that only the owner can read this file", statusFile); } try (final FileOutputStream fos = new FileOutputStream(statusFile)) { minifiProps.store(fos, null); fos.getFD().sync(); } logger.debug("Saved Properties {} to {}", new Object[] { minifiProps, statusFile }); }
From source file:org.apache.nifi.bootstrap.RunNiFi.java
private synchronized void savePidProperties(final Properties pidProperties, final Logger logger) throws IOException { final String pid = pidProperties.getProperty(PID_KEY); if (!StringUtils.isBlank(pid)) { writePidFile(pid, logger);/* ww w. j a v a2 s . co m*/ } final File statusFile = getStatusFile(logger); if (statusFile.exists() && !statusFile.delete()) { logger.warn("Failed to delete {}", statusFile); } if (!statusFile.createNewFile()) { throw new IOException("Failed to create file " + statusFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(statusFile.toPath(), perms); } catch (final Exception e) { logger.warn( "Failed to set permissions so that only the owner can read status file {}; " + "this may allows others to have access to the key needed to communicate with NiFi. " + "Permissions should be changed so that only the owner can read this file", statusFile); } try (final FileOutputStream fos = new FileOutputStream(statusFile)) { pidProperties.store(fos, null); fos.getFD().sync(); } logger.debug("Saved Properties {} to {}", new Object[] { pidProperties, statusFile }); }
From source file:org.apache.htrace.impl.HTracedSpanReceiver.java
void appendToDroppedSpansLog(String text) throws IOException { // Is the dropped spans log is disabled? if (conf.droppedSpansLogPath.isEmpty() || (conf.droppedSpansLogMaxSize == 0)) { return;/*from w w w.j a v a 2s .co m*/ } FileLock lock = null; String msg = ISO_DATE_FORMAT.format(new Date()) + ": " + text; ByteBuffer bb = ByteBuffer.wrap(msg.getBytes(StandardCharsets.UTF_8)); // FileChannel locking corresponds to advisory locking on UNIX. It will // protect multiple processes from attempting to write to the same dropped // spans log at once. However, within a single process, we need this // synchronized block to ensure that multiple HTracedSpanReceiver objects // don't try to write to the same log at once. (It is unusal to configure // multiple HTracedSpanReceiver objects, but possible.) synchronized (HTracedSpanReceiver.class) { FileChannel channel = FileChannel.open(Paths.get(conf.droppedSpansLogPath), APPEND, CREATE, WRITE); try { lock = channel.lock(); long size = channel.size(); if (size > conf.droppedSpansLogMaxSize) { throw new IOException("Dropped spans log " + conf.droppedSpansLogPath + " is already " + size + " bytes; will not add to it."); } else if ((size == 0) && (DROPPED_SPANS_FILE_PERMS != null)) { // Set the permissions of the dropped spans file so that other // processes can write to it. Files.setPosixFilePermissions(Paths.get(conf.droppedSpansLogPath), DROPPED_SPANS_FILE_PERMS); } channel.write(bb); } finally { try { if (lock != null) { lock.release(); } } finally { channel.close(); } } } }
From source file:org.apache.nifi.minifi.bootstrap.RunMiNiFi.java
private synchronized void writePidFile(final String pid, final Logger logger) throws IOException { final File pidFile = getPidFile(logger); if (pidFile.exists() && !pidFile.delete()) { logger.warn("Failed to delete {}", pidFile); }//from www . j ava2s . c o m if (!pidFile.createNewFile()) { throw new IOException("Failed to create file " + pidFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(pidFile.toPath(), perms); } catch (final Exception e) { logger.warn("Failed to set permissions so that only the owner can read pid file {}; " + "this may allows others to have access to the key needed to communicate with MiNiFi. " + "Permissions should be changed so that only the owner can read this file", pidFile); } try (final FileOutputStream fos = new FileOutputStream(pidFile)) { fos.write(pid.getBytes(StandardCharsets.UTF_8)); fos.getFD().sync(); } logger.debug("Saved Pid {} to {}", new Object[] { pid, pidFile }); }
From source file:org.apache.nifi.bootstrap.RunNiFi.java
private synchronized void writePidFile(final String pid, final Logger logger) throws IOException { final File pidFile = getPidFile(logger); if (pidFile.exists() && !pidFile.delete()) { logger.warn("Failed to delete {}", pidFile); }/*from w ww . j a v a 2 s.c om*/ if (!pidFile.createNewFile()) { throw new IOException("Failed to create file " + pidFile); } try { final Set<PosixFilePermission> perms = new HashSet<>(); perms.add(PosixFilePermission.OWNER_WRITE); perms.add(PosixFilePermission.OWNER_READ); perms.add(PosixFilePermission.GROUP_READ); perms.add(PosixFilePermission.OTHERS_READ); Files.setPosixFilePermissions(pidFile.toPath(), perms); } catch (final Exception e) { logger.warn("Failed to set permissions so that only the owner can read pid file {}; " + "this may allows others to have access to the key needed to communicate with NiFi. " + "Permissions should be changed so that only the owner can read this file", pidFile); } try (final FileOutputStream fos = new FileOutputStream(pidFile)) { fos.write(pid.getBytes(StandardCharsets.UTF_8)); fos.getFD().sync(); } logger.debug("Saved Pid {} to {}", new Object[] { pid, pidFile }); }
From source file:org.apache.ignite.testsuites.IgniteHadoopTestSuite.java
/** * Downloads and extracts an Apache product. * * @param appName Name of application for log messages. * @param homeVariable Pointer to home directory of the component. * @param downloadPath Relative download path of tar package. * @param destName Local directory name to install component. * @throws Exception If failed.//from w ww .ja va2 s . co m */ private static void download(String appName, String homeVariable, String downloadPath, String destName) throws Exception { String homeVal = IgniteSystemProperties.getString(homeVariable); if (!F.isEmpty(homeVal) && new File(homeVal).isDirectory()) { X.println(homeVariable + " is set to: " + homeVal); return; } List<String> urls = F.asList("http://archive.apache.org/dist/", "http://apache-mirror.rbc.ru/pub/apache/", "http://www.eu.apache.org/dist/", "http://www.us.apache.org/dist/"); String tmpPath = System.getProperty("java.io.tmpdir"); X.println("tmp: " + tmpPath); final File install = new File(tmpPath + File.separatorChar + "__hadoop"); final File home = new File(install, destName); X.println("Setting " + homeVariable + " to " + home.getAbsolutePath()); System.setProperty(homeVariable, home.getAbsolutePath()); final File successFile = new File(home, "__success"); if (home.exists()) { if (successFile.exists()) { X.println(appName + " distribution already exists."); return; } X.println(appName + " distribution is invalid and it will be deleted."); if (!U.delete(home)) throw new IOException("Failed to delete directory: " + home.getAbsolutePath()); } for (String url : urls) { if (!(install.exists() || install.mkdirs())) throw new IOException("Failed to create directory: " + install.getAbsolutePath()); URL u = new URL(url + downloadPath); X.println("Attempting to download from: " + u); try { URLConnection c = u.openConnection(); c.connect(); try (TarArchiveInputStream in = new TarArchiveInputStream( new GzipCompressorInputStream(new BufferedInputStream(c.getInputStream(), 32 * 1024)))) { TarArchiveEntry entry; while ((entry = in.getNextTarEntry()) != null) { File dest = new File(install, entry.getName()); if (entry.isDirectory()) { if (!dest.mkdirs()) throw new IllegalStateException(); } else if (entry.isSymbolicLink()) { // Important: in Hadoop installation there are symlinks, we need to create them: Path theLinkItself = Paths.get(install.getAbsolutePath(), entry.getName()); Path linkTarget = Paths.get(entry.getLinkName()); Files.createSymbolicLink(theLinkItself, linkTarget); } else { File parent = dest.getParentFile(); if (!(parent.exists() || parent.mkdirs())) throw new IllegalStateException(); X.print(" [" + dest); try (BufferedOutputStream out = new BufferedOutputStream( new FileOutputStream(dest, false), 128 * 1024)) { U.copy(in, out); out.flush(); } Files.setPosixFilePermissions(dest.toPath(), modeToPermissionSet(entry.getMode())); X.println("]"); } } } if (successFile.createNewFile()) return; } catch (Exception e) { e.printStackTrace(); U.delete(home); } } throw new IllegalStateException("Failed to install " + appName + "."); }
From source file:com.streamsets.datacollector.http.TestWebServerTaskHttpHttps.java
@Test public void testAuthorizationConstraints() throws Exception { WebAppProvider webAppProvider = new WebAppProvider() { @Override//from w w w. j a v a 2s. c o m public ServletContextHandler get() { ServletContextHandler handler = new ServletContextHandler(); handler.setContextPath("/webapp"); handler.addServlet(new ServletHolder(new PingServlet()), "/ping"); handler.addServlet(new ServletHolder(new PingServlet()), "/rest/v1/ping"); handler.addServlet(new ServletHolder(new PingServlet()), "/public-rest/v1/ping"); return handler; } @Override public void postStart() { } }; Configuration conf = new Configuration(); int httpPort = getRandomPort(); conf.set(WebServerTask.AUTHENTICATION_KEY, "basic"); conf.set(WebServerTask.HTTP_PORT_KEY, httpPort); String confDir = createTestDir(); File realmFile = new File(confDir, "basic-realm.properties"); try (InputStream is = Thread.currentThread().getContextClassLoader() .getResourceAsStream("basic-realm.properties"); OutputStream os = new FileOutputStream(realmFile)) { IOUtils.copy(is, os); } Set<PosixFilePermission> set = new HashSet<>(); set.add(PosixFilePermission.OWNER_EXECUTE); set.add(PosixFilePermission.OWNER_READ); set.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(realmFile.toPath(), set); final WebServerTask ws = createWebServerTask(confDir, conf, ImmutableSet.of(webAppProvider)); try { ws.initTask(); new Thread() { @Override public void run() { ws.runTask(); } }.start(); Thread.sleep(1000); String baseUrl = "http://127.0.0.1:" + httpPort; // root app HttpURLConnection conn = (HttpURLConnection) new URL(baseUrl + "/ping").openConnection(); conn.setRequestProperty(CsrfProtectionFilter.HEADER_NAME, "CSRF"); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/public-rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/public-rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); // web app conn = (HttpURLConnection) new URL(baseUrl + "/webapp/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/webapp/rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) new URL(baseUrl + "/webapp/public-rest/v1/ping").openConnection(); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); conn = (HttpURLConnection) openWithBasicAuth(new URL(baseUrl + "/webapp/public-rest/v1/ping")); Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode()); } finally { ws.stopTask(); } }
From source file:org.apache.hadoop.yarn.server.security.CertificateLocalizationService.java
private void materializeInternalX509(X509SecurityMaterial material) throws IOException { writeX509ToLocalFS(material.getKeyStoreMem(), material.getKeyStoreLocation().toFile(), material.getTrustStoreMem(), material.getTrustStoreLocation().toFile(), material.getKeyStorePass(), material.getPasswdLocation().toFile()); if (service == ServiceType.NM) { Set<PosixFilePermission> materialPermissions = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE); Files.setPosixFilePermissions(material.getCertFolder(), materialPermissions); Files.setPosixFilePermissions(material.getKeyStoreLocation(), materialPermissions); Files.setPosixFilePermissions(material.getTrustStoreLocation(), materialPermissions); Files.setPosixFilePermissions(material.getPasswdLocation(), materialPermissions); }/*from w ww . j ava2s . c o m*/ }