Merge pull request #12157 from rmuir/plugin_permissions

Fix pluginmanager permissions for bin/ scripts
2015-07-09 10:50:48 -04:00 · 2015-07-09 10:50:48 -04:00 · e4b355b790
parent 15d62713b1 dfbe108902
commit e4b355b790
2 changed files with 13 additions and 4 deletions
--- a/core/src/main/java/org/elasticsearch/plugins/PluginManager.java
+++ b/core/src/main/java/org/elasticsearch/plugins/PluginManager.java
@ -277,14 +277,21 @@ public class PluginManager {
                throw new IOException("Could not move [" + binFile + "] to [" + toLocation + "]", e);
            }
            if (Files.getFileStore(toLocation).supportsFileAttributeView(PosixFileAttributeView.class)) {
-                final Set<PosixFilePermission> perms = new HashSet<>();
-                perms.add(PosixFilePermission.OWNER_EXECUTE);
-                perms.add(PosixFilePermission.GROUP_EXECUTE);
-                perms.add(PosixFilePermission.OTHERS_EXECUTE);
+                // add read and execute permissions to existing perms, so execution will work.
+                // read should generally be set already, but set it anyway: don't rely on umask...
+                final Set<PosixFilePermission> executePerms = new HashSet<>();
+                executePerms.add(PosixFilePermission.OWNER_READ);
+                executePerms.add(PosixFilePermission.GROUP_READ);
+                executePerms.add(PosixFilePermission.OTHERS_READ);
+                executePerms.add(PosixFilePermission.OWNER_EXECUTE);
+                executePerms.add(PosixFilePermission.GROUP_EXECUTE);
+                executePerms.add(PosixFilePermission.OTHERS_EXECUTE);
                Files.walkFileTree(toLocation, new SimpleFileVisitor<Path>() {
                    @Override
                    public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
                        if (attrs.isRegularFile()) {
+                            Set<PosixFilePermission> perms = Files.getPosixFilePermissions(file);
+                            perms.addAll(executePerms);
                            Files.setPosixFilePermissions(file, perms);
                        }
                        return FileVisitResult.CONTINUE;
--- a/core/src/test/java/org/elasticsearch/plugins/PluginManagerTests.java
+++ b/core/src/test/java/org/elasticsearch/plugins/PluginManagerTests.java
@ -116,6 +116,8 @@ public class PluginManagerTests extends ElasticsearchIntegrationTest {
                PosixFileAttributes attributes = view.readAttributes();
                assertTrue("unexpected permissions: " + attributes.permissions(),
                           attributes.permissions().contains(PosixFilePermission.OWNER_EXECUTE));
+                assertTrue("unexpected permissions: " + attributes.permissions(),
+                        attributes.permissions().contains(PosixFilePermission.OWNER_READ));
            }
        } finally {
            // we need to clean up the copied dirs