/** * Add the proper File-System permissions to a file so that SQL Server can run a RESTORE query. * * @param username The username that SQL Server runs as, e.g. "NETWORK SERVICE" * @param file The file whose permissions will be modified. * @throws IOException */ public static void addRestorePermissions(String username, Path file) throws IOException { AclFileAttributeView aclAttr = Files.getFileAttributeView(file, AclFileAttributeView.class); UserPrincipalLookupService currULS = file.getFileSystem().getUserPrincipalLookupService(); UserPrincipal principal = currULS.lookupPrincipalByName(username); AclEntry.Builder builder = AclEntry.newBuilder(); builder.setPermissions(EnumSet.of(AclEntryPermission.READ_DATA, AclEntryPermission.READ_ACL, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.EXECUTE, AclEntryPermission.SYNCHRONIZE)); builder.setPrincipal(principal); builder.setType(AclEntryType.ALLOW); aclAttr.setAcl(Collections.singletonList(builder.build())); }
/** * creates and grants permission to daemon files directory */ private static void setupEnvironment() { final File daemonFilePath = new File("/var/run/iofabric"); if (!daemonFilePath.exists()) { try { daemonFilePath.mkdirs(); UserPrincipalLookupService lookupservice = FileSystems.getDefault().getUserPrincipalLookupService(); final GroupPrincipal group = lookupservice.lookupPrincipalByGroupName("iofabric"); Files.getFileAttributeView(daemonFilePath.toPath(), PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS).setGroup(group); Set<PosixFilePermission> perms = PosixFilePermissions.fromString("rwxrwx---"); Files.setPosixFilePermissions(daemonFilePath.toPath(), perms); } catch (Exception e) { } } }
@Test public void testUserLookupService() throws IOException { UserPrincipalLookupService service = new UserLookupService(true); UserPrincipal bob1 = service.lookupPrincipalByName("bob"); UserPrincipal bob2 = service.lookupPrincipalByName("bob"); UserPrincipal alice = service.lookupPrincipalByName("alice"); assertThat(bob1).isEqualTo(bob2); assertThat(bob1).isNotEqualTo(alice); GroupPrincipal group1 = service.lookupPrincipalByGroupName("group"); GroupPrincipal group2 = service.lookupPrincipalByGroupName("group"); GroupPrincipal foo = service.lookupPrincipalByGroupName("foo"); assertThat(group1).isEqualTo(group2); assertThat(group1).isNotEqualTo(foo); }
@Override public void chown(String path, String username, String groupname) throws IOException { java.nio.file.Path p = FileSystems.getDefault().getPath(path); PosixFileAttributeView view = Files.getFileAttributeView(p, PosixFileAttributeView.class); UserPrincipalLookupService service = p.getFileSystem().getUserPrincipalLookupService(); if(!StringUtils.isBlank(username)) { view.setOwner(service.lookupPrincipalByName(username)); } if(!StringUtils.isBlank(groupname)) { view.setGroup(service.lookupPrincipalByGroupName(groupname)); } }
private void setWindowsPermissions(Path path) { try { AclFileAttributeView aclAttr = Files.getFileAttributeView(path, AclFileAttributeView.class); UserPrincipalLookupService lookupService = path.getFileSystem().getUserPrincipalLookupService(); aclAttr.setAcl(Arrays.asList( getAclEntry(lookupService.lookupPrincipalByName("SYSTEM"), Collections.emptySet()), getAclEntry(lookupService.lookupPrincipalByName(System.getProperty("user.name")), EnumSet.allOf(AclEntryPermission.class)) )); } catch (IOException ex) { throw new RuntimeException(ex); } }
@Test public void testGetUserPrincipalLookupServiceWillReturnTheServiceIfNotNull() { UserPrincipalLookupService service = context.mock(UserPrincipalLookupService.class); context.checking(new Expectations() {{ allowing(cloudHostSettings).getUserPrincipalLookupService(); will(returnValue(service)); }}); Assert.assertEquals(service, impl.getUserPrincipalLookupService()); }
public void change(Event e, Object[] delta, Changer.ChangeMode mode) { if (mode == Changer.ChangeMode.SET) { Path pth = Paths.get(skUtilities.getDefaultPath(path.getSingle(e))); try { UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); Files.setOwner(pth, lookupService.lookupPrincipalByName((String) delta[0])); } catch (Exception x) { skUtilities.prSysE("File: '" + pth + "' doesn't exist, or is not readable!", getClass().getSimpleName(), x); } } }
private UserPrincipal getUserPrincipalFrom(String userName) throws IOException { try { if (_isCacheEnabled) { return _nameToUserPrincipal.get(userName); } UserPrincipalLookupService service = FileSystems.getDefault().getUserPrincipalLookupService(); return service.lookupPrincipalByName(userName); } catch (IOException | UnsupportedOperationException e) { return null; } }
private GroupPrincipal getGroupPrincipalFrom(String groupName) throws IOException { try { if (_isCacheEnabled) { return _nameToGroupPrincipal.get(groupName); } UserPrincipalLookupService service = FileSystems.getDefault().getUserPrincipalLookupService(); return service.lookupPrincipalByGroupName(groupName); } catch (IOException | UnsupportedOperationException e) { return null; } }
private UserPrincipal getUserPrincipalFrom(String userName) throws IOException { try { UserPrincipal principal = _nameToUserPrincipal.get(userName); if (principal == null) { UserPrincipalLookupService service = FileSystems.getDefault().getUserPrincipalLookupService(); principal = service.lookupPrincipalByName(userName); _nameToUserPrincipal.put(userName, principal); } return principal; } catch (UnsupportedOperationException e) { throw new IOException(e); } }
private GroupPrincipal getGroupPrincipalFrom(String groupName) throws IOException { try { GroupPrincipal principal = _nameToGroupPrincipal.get(groupName); if (principal == null) { UserPrincipalLookupService service = FileSystems.getDefault().getUserPrincipalLookupService(); principal = service.lookupPrincipalByGroupName(groupName); _nameToGroupPrincipal.put(groupName, principal); } return principal; } catch (UnsupportedOperationException e) { throw new IOException(e); } }
/** * @param localFile the local file to use chown on * @param owner the file owner to set * @param group the file group to set * @throws IOException if chown couldn't be edited */ public static void chown(File localFile, String owner, String group) throws IOException { PosixFileAttributeView view = FileHelper.getFileAttributes(localFile); UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); UserPrincipal fileOwner = lookupService.lookupPrincipalByName(owner); GroupPrincipal fileGroup = lookupService.lookupPrincipalByGroupName(group); view.setOwner(fileOwner); view.setGroup(fileGroup); }
@Override public UserPrincipal getOwner() throws IOException { UserPrincipalLookupService ls = this.path.getFileSystem() .getUserPrincipalLookupService(); FileStatus fileStatus = path.getFileSystem().getHDFS() .getFileStatus(path.getRawResolvedPath()); return ls.lookupPrincipalByName(fileStatus.getOwner()); }
/** * Test UserPrincipalLookupService support. * * @throws IOException */ @Test public void testGetPosixViewSetOwner() throws IOException { Path rootPath = Paths.get(clusterUri); UserPrincipalLookupService lus = rootPath.getFileSystem() .getUserPrincipalLookupService(); assertNotNull(lus); }
@Test @Category( { Principals.class, Attributes.class, FileOwnerView.class } ) public void testFindOwner() throws IOException { UserPrincipalLookupService lookupService = FS.getUserPrincipalLookupService(); UserPrincipal owner = Files.getOwner( FS.getPath( "" ).toAbsolutePath() ); assertThat( lookupService.lookupPrincipalByName( owner.getName() ) ).isEqualTo( owner ); }
@Test public void testServiceNotSupportingGroups() throws IOException { UserPrincipalLookupService service = new UserLookupService(false); try { service.lookupPrincipalByGroupName("group"); fail(); } catch (UserPrincipalNotFoundException expected) { assertThat(expected.getName()).isEqualTo("group"); } }
@Override public void setFileOwner(String path, String owner) throws KMRuntimeException { try { UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); Files.setOwner(new File(path).toPath(), lookupService.lookupPrincipalByName(owner)); } catch (IOException e) { throw new KMRuntimeException(e.getMessage(), e); } }
@Override public void setFileGroup(String path, String group) throws KMRuntimeException { try { Path jpath = new File(path).toPath(); PosixFileAttributeView view = Files.getFileAttributeView(jpath, PosixFileAttributeView.class); UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); view.setGroup(lookupService.lookupPrincipalByGroupName(group)); } catch (IOException e) { throw new KMRuntimeException(e.getMessage(), e); } }
/** * Define file posix attribute view on a path/file. * * @param path Target path * @param filePermissions Permissions to apply * @param fileOwner File owner * @param fileGroup File group * @throws IOException If IO error during definition of file attribute view */ public static void defineFilePosixAttributeView(final Path path, final Set<PosixFilePermission> filePermissions, final String fileOwner, final String fileGroup) throws IOException { final PosixFileAttributeView view = Files.getFileAttributeView(path, PosixFileAttributeView.class); if (view != null) { final UserPrincipalLookupService lookupService = FileSystems.getDefault() .getUserPrincipalLookupService(); if (fileOwner != null) { final UserPrincipal userPrincipal = lookupService.lookupPrincipalByName(fileOwner); if (userPrincipal != null) { // If not sudoers member, it will throw Operation not permitted // Only processes with an effective user ID equal to the user ID // of the file or with appropriate privileges may change the ownership of a file. // If _POSIX_CHOWN_RESTRICTED is in effect for path view.setOwner(userPrincipal); } } if (fileGroup != null) { final GroupPrincipal groupPrincipal = lookupService.lookupPrincipalByGroupName(fileGroup); if (groupPrincipal != null) { // The current user id should be members of this group, // if not will raise Operation not permitted view.setGroup(groupPrincipal); } } if (filePermissions != null) { view.setPermissions(filePermissions); } } }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { return null; }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { // assume that unwrapped objects aren't exposed return delegate.getUserPrincipalLookupService(); }
@Override public final UserPrincipalLookupService getUserPrincipalLookupService() { throw new UnsupportedOperationException(); }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { return delegate.getUserPrincipalLookupService(); }
public void setUserPrincipalLookupService(Class<?> clazz) { setUserPrincipalLookupService(createInstanceFromNoArgConstructor(UserPrincipalLookupService.class, clazz)); }
public void setUserPrincipalLookupService(UserPrincipalLookupService userPrincipalLookupService) { this.userPrincipalLookupService = Optional.ofNullable(userPrincipalLookupService); }
@Override public final UserPrincipalLookupService getUserPrincipalLookupService() { return userPrincipalLookupService.orElse(getDefaultUserPrincipalLookupService()); }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { checkClosed(); return Optional.ofNullable(config.getUserPrincipalLookupService()) .orElseThrow(UnsupportedOperationException::new); }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { // TODO Auto-generated method stub return null; }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { throw new UnsupportedOperationException(); }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { // TODO throw new UnsupportedOperationException(); }
@Override public void setGroup(String group) throws IOException { UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService(); GroupPrincipal groupPrincipal = lookupService.lookupPrincipalByGroupName(group); Files.getFileAttributeView(file.toPath(), PosixFileAttributeView.class).setGroup(groupPrincipal); }
@Override public UserPrincipalLookupService getUserPrincipalLookupService() { return fileSystem.getUserPrincipalLookupService(); }
