From 7e9a6b653e916112a9ff86e2a25a7b372c097eb9 Mon Sep 17 00:00:00 2001 From: Naganarasimha Date: Tue, 15 Nov 2016 10:29:23 +0530 Subject: [PATCH] Reverting the patch due to the issue raised in YARN-5765 Revert "YARN-5287. LinuxContainerExecutor fails to set proper permission. Contributed by Ying Zhang." This reverts commit 93b768d0d16ea7d1123905e38f8a93430d0e70db. --- .../impl/container-executor.c | 11 +---- .../impl/container-executor.h | 10 ----- .../test/test-container-executor.c | 42 ------------------- 3 files changed, 1 insertion(+), 62 deletions(-) diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c index 2b9f060cbb3..db11fe9cc76 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c @@ -608,15 +608,6 @@ int create_validate_dir(const char* npath, mode_t perm, const char* path, if (check_dir(npath, sb.st_mode, perm, finalComponent) == -1) { return -1; } - } else { - // Explicitly set permission after creating the directory in case - // umask has been set to a restrictive value, i.e., 0077. - if (chmod(npath, perm) != 0) { - int permInt = perm & (S_IRWXU | S_IRWXG | S_IRWXO); - fprintf(LOGFILE, "Can't chmod %s to the required permission %o - %s\n", - npath, permInt, strerror(errno)); - return -1; - } } } else { if (check_dir(npath, sb.st_mode, perm, finalComponent) == -1) { @@ -647,7 +638,7 @@ int check_dir(const char* npath, mode_t st_mode, mode_t desired, int finalCompon * Function to prepare the container directories. * It creates the container work and log directories. */ -int create_container_directories(const char* user, const char *app_id, +static int create_container_directories(const char* user, const char *app_id, const char *container_id, char* const* local_dir, char* const* log_dir, const char *work_dir) { // create dirs as 0750 const mode_t perms = S_IRWXU | S_IRGRP | S_IXGRP; diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.h b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.h index 2b3a3ca6174..481eaeb3b18 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.h +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.h @@ -291,13 +291,3 @@ int is_docker_support_enabled(); * Run a docker command passing the command file as an argument */ int run_docker(const char *command_file); - -/** - * Function to prepare the container directories. - * It creates the container work and log directories. - */ -int create_container_directories(const char* user, const char *app_id, - const char *container_id, char* const* local_dir, - char* const* log_dir, const char *work_dir); - -int create_log_dirs(const char *app_id, char * const * log_dirs); diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c index 74a326d773e..22f463ff00f 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/test/test-container-executor.c @@ -1001,44 +1001,6 @@ void test_recursive_unlink_children() { } } -/** - * This test is used to verify that app and container directories can be - * created with required permissions when umask has been set to a restrictive - * value of 077. - */ -void test_dir_permissions() { - printf("\nTesting dir permissions\n"); - - // Set umask to 077 - umask(077); - - // Change user to the yarn user. This only takes effect when we're - // running as root. - if (seteuid(user_detail->pw_uid) != 0) { - printf("FAIL: failed to seteuid to user - %s\n", strerror(errno)); - exit(1); - } - - // Create container directories for "app_5" - char* container_dir = get_container_work_directory(TEST_ROOT "/local-1", - yarn_username, "app_5", "container_1"); - create_log_dirs("app_5", log_dirs); - create_container_directories(yarn_username, "app_5", "container_1", - local_dirs, log_dirs, container_dir); - - // Verify directories have been created with required permissions - mode_t container_dir_perm = S_IRWXU | S_IRGRP | S_IXGRP; - struct stat sb; - if (stat(container_dir, &sb) != 0 || - check_dir(container_dir, sb.st_mode, container_dir_perm, 1) != 0) { - printf("FAIL: failed to create container directory %s " - "with required permissions\n", container_dir); - exit(1); - } - - free(container_dir); -} - // This test is expected to be executed either by a regular // user or by root. If executed by a regular user it doesn't // test all the functions that would depend on changing the @@ -1139,10 +1101,6 @@ int main(int argc, char **argv) { test_run_container(); } - // This test needs to be run in a subshell, so that when it changes umask - // and user, it doesn't give up our privs. - run_test_in_child("test_dir_permissions", test_dir_permissions); - seteuid(0); // test_delete_user must run as root since that's how we use the delete_as_user test_delete_user();