Fix pluginmanager permissions for bin/ scripts

Today it will remove all permissions and only set execute bit:

    ---x--x--x

Instead we should preserve existing permissions, and just add
read and execute to whatever is there.

Closes #12142
This commit is contained in:
Robert Muir 2015-07-09 10:39:58 -04:00
parent 15d62713b1
commit dfbe108902
2 changed files with 13 additions and 4 deletions

View File

@ -277,14 +277,21 @@ public class PluginManager {
throw new IOException("Could not move [" + binFile + "] to [" + toLocation + "]", e); throw new IOException("Could not move [" + binFile + "] to [" + toLocation + "]", e);
} }
if (Files.getFileStore(toLocation).supportsFileAttributeView(PosixFileAttributeView.class)) { if (Files.getFileStore(toLocation).supportsFileAttributeView(PosixFileAttributeView.class)) {
final Set<PosixFilePermission> perms = new HashSet<>(); // add read and execute permissions to existing perms, so execution will work.
perms.add(PosixFilePermission.OWNER_EXECUTE); // read should generally be set already, but set it anyway: don't rely on umask...
perms.add(PosixFilePermission.GROUP_EXECUTE); final Set<PosixFilePermission> executePerms = new HashSet<>();
perms.add(PosixFilePermission.OTHERS_EXECUTE); executePerms.add(PosixFilePermission.OWNER_READ);
executePerms.add(PosixFilePermission.GROUP_READ);
executePerms.add(PosixFilePermission.OTHERS_READ);
executePerms.add(PosixFilePermission.OWNER_EXECUTE);
executePerms.add(PosixFilePermission.GROUP_EXECUTE);
executePerms.add(PosixFilePermission.OTHERS_EXECUTE);
Files.walkFileTree(toLocation, new SimpleFileVisitor<Path>() { Files.walkFileTree(toLocation, new SimpleFileVisitor<Path>() {
@Override @Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException { public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
if (attrs.isRegularFile()) { if (attrs.isRegularFile()) {
Set<PosixFilePermission> perms = Files.getPosixFilePermissions(file);
perms.addAll(executePerms);
Files.setPosixFilePermissions(file, perms); Files.setPosixFilePermissions(file, perms);
} }
return FileVisitResult.CONTINUE; return FileVisitResult.CONTINUE;

View File

@ -116,6 +116,8 @@ public class PluginManagerTests extends ElasticsearchIntegrationTest {
PosixFileAttributes attributes = view.readAttributes(); PosixFileAttributes attributes = view.readAttributes();
assertTrue("unexpected permissions: " + attributes.permissions(), assertTrue("unexpected permissions: " + attributes.permissions(),
attributes.permissions().contains(PosixFilePermission.OWNER_EXECUTE)); attributes.permissions().contains(PosixFilePermission.OWNER_EXECUTE));
assertTrue("unexpected permissions: " + attributes.permissions(),
attributes.permissions().contains(PosixFilePermission.OWNER_READ));
} }
} finally { } finally {
// we need to clean up the copied dirs // we need to clean up the copied dirs