honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12157 from rmuir/plugin_permissions 

Fix pluginmanager permissions for bin/ scripts
This commit is contained in:
Robert Muir 2015-07-09 10:50:48 -04:00
parent 15d62713b1 dfbe108902
commit e4b355b790
2 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
core/src/main/java/org/elasticsearch/plugins/PluginManager.java
View File

@ -277,14 +277,21 @@ public class PluginManager {
throw new IOException("Could not move [" + binFile + "] to [" + toLocation + "]", e); throw new IOException("Could not move [" + binFile + "] to [" + toLocation + "]", e);
} }
if (Files.getFileStore(toLocation).supportsFileAttributeView(PosixFileAttributeView.class)) { if (Files.getFileStore(toLocation).supportsFileAttributeView(PosixFileAttributeView.class)) {
final Set<PosixFilePermission> perms = new HashSet<>(); // add read and execute permissions to existing perms, so execution will work.
perms.add(PosixFilePermission.OWNER_EXECUTE); // read should generally be set already, but set it anyway: don't rely on umask...
perms.add(PosixFilePermission.GROUP_EXECUTE); final Set<PosixFilePermission> executePerms = new HashSet<>();
perms.add(PosixFilePermission.OTHERS_EXECUTE); executePerms.add(PosixFilePermission.OWNER_READ);
executePerms.add(PosixFilePermission.GROUP_READ);
executePerms.add(PosixFilePermission.OTHERS_READ);
executePerms.add(PosixFilePermission.OWNER_EXECUTE);
executePerms.add(PosixFilePermission.GROUP_EXECUTE);
executePerms.add(PosixFilePermission.OTHERS_EXECUTE);
Files.walkFileTree(toLocation, new SimpleFileVisitor<Path>() { Files.walkFileTree(toLocation, new SimpleFileVisitor<Path>() {
@Override @Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException { public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
if (attrs.isRegularFile()) { if (attrs.isRegularFile()) {
Set<PosixFilePermission> perms = Files.getPosixFilePermissions(file);
perms.addAll(executePerms);
Files.setPosixFilePermissions(file, perms); Files.setPosixFilePermissions(file, perms);
} }
return FileVisitResult.CONTINUE; return FileVisitResult.CONTINUE;

2
core/src/test/java/org/elasticsearch/plugins/PluginManagerTests.java
View File

@ -116,6 +116,8 @@ public class PluginManagerTests extends ElasticsearchIntegrationTest {
PosixFileAttributes attributes = view.readAttributes(); PosixFileAttributes attributes = view.readAttributes();
assertTrue("unexpected permissions: " + attributes.permissions(), assertTrue("unexpected permissions: " + attributes.permissions(),
attributes.permissions().contains(PosixFilePermission.OWNER_EXECUTE)); attributes.permissions().contains(PosixFilePermission.OWNER_EXECUTE));
assertTrue("unexpected permissions: " + attributes.permissions(),
attributes.permissions().contains(PosixFilePermission.OWNER_READ));
} }
} finally { } finally {
// we need to clean up the copied dirs // we need to clean up the copied dirs