private boolean needsPermissionsUpdate(FileStatus fileStatus) { return this.permission.isPresent() && !this.permission.get().equals(fileStatus.getPermission()); }
/** * Before retrieving private key, it makes sure that original private key's permission is read only on the owner. * This is a way to ensure to keep private key private. * @param fs * @param privateKeyPath * @return * @throws IOException */ private static Path getPrivateKey(FileSystem fs, String privateKeyPath) throws IOException { Path keyPath = new Path(privateKeyPath); FileStatus fileStatus = fs.getFileStatus(keyPath); Preconditions.checkArgument(USER_READ_PERMISSION_ONLY.equals(fileStatus.getPermission()), "Private key file should only have read only permission only on user. " + keyPath); return keyPath; }
public String decrypt(final String cipheredText, final String passphrasePath, final FileSystem fs) throws IOException { Preconditions.checkNotNull(cipheredText); Preconditions.checkNotNull(passphrasePath); final Path path = new Path(passphrasePath); Preconditions.checkArgument(fs.exists(path), "File does not exist at " + passphrasePath); Preconditions .checkArgument(fs.isFile(path), "Passphrase path is not a file. " + passphrasePath); final FileStatus fileStatus = fs.getFileStatus(path); Preconditions.checkArgument(USER_READ_PERMISSION_ONLY.equals(fileStatus.getPermission()), "Passphrase file should only have read only permission on only user. " + passphrasePath); final Crypto crypto = new Crypto(); try (BufferedReader br = new BufferedReader(new InputStreamReader(fs.open(path), Charset.defaultCharset()))) { final String passphrase = br.readLine(); final String decrypted = crypto.decrypt(cipheredText, passphrase); Preconditions.checkNotNull(decrypted, "Was not able to decrypt"); return decrypted; } } }
if (isSecurityEnabled && !dirPerms.equals(fs.getFileStatus(p).getPermission())) {
public static void mkdirsWithRecursivePermissionWithRetry(final FileSystem fs, final Path path, FsPermission perm, Config retrierConfig) throws IOException { if (fs.exists(path)) { return; } if (path.getParent() != null && !fs.exists(path.getParent())) { mkdirsWithRecursivePermissionWithRetry(fs, path.getParent(), perm, retrierConfig); } if (!fs.mkdirs(path, perm)) { throw new IOException(String.format("Unable to mkdir %s with permission %s", path, perm)); } if (retrierConfig != NO_RETRY_CONFIG) { //Wait until file is not there as it can happen the file fail to exist right away on eventual consistent fs like Amazon S3 Retryer<Void> retryer = RetryerFactory.newInstance(retrierConfig); try { retryer.call(() -> { if (!fs.exists(path)) { throw new IOException("Path " + path + " does not exist however it should. Will wait more."); } return null; }); } catch (Exception e) { throw new IOException("Path " + path + "does not exist however it should. Giving up..."+ e); } } // Double check permission, since fs.mkdirs() may not guarantee to set the permission correctly if (!fs.getFileStatus(path).getPermission().equals(perm)) { fs.setPermission(path, perm); } }
perms = dirPerms; if (perms != null && !perms.equals(fStatus.getPermission())) { setPerms = true;
if (filesMode > 0 && stat.getPermission().toShort() != filesMode) { outputFs.setPermission(path, new FsPermission(filesMode)); } else if (refStat != null && !stat.getPermission().equals(refStat.getPermission())) { outputFs.setPermission(path, refStat.getPermission());
/** * Create the directory or check permissions if it already exists. * * The semantics of mkdirsWithExistsAndPermissionCheck method is different * from the mkdirs method provided in the Sun's java.io.File class in the * following way: * While creating the non-existent parent directories, this method checks for * the existence of those directories if the mkdir fails at any point (since * that directory might have just been created by some other process). * If both mkdir() and the exists() check fails for any seemingly * non-existent directory, then we signal an error; Sun's mkdir would signal * an error (return false) if a directory it is attempting to create already * exists or the mkdir fails. * * @param localFS local filesystem * @param dir directory to be created or checked * @param expected expected permission * @throws IOException */ static void mkdirsWithExistsAndPermissionCheck( LocalFileSystem localFS, Path dir, FsPermission expected) throws IOException { File directory = localFS.pathToFile(dir); boolean created = false; if (!directory.exists()) created = mkdirsWithExistsCheck(directory); if (created || !localFS.getFileStatus(dir).getPermission().equals(expected)) localFS.setPermission(dir, expected); }
if (!stagingFileStatus.getPermission().equals(this.filePermission)) { this.fs.setPermission(this.stagingFile, this.filePermission);
FsPermission desiredPerm = new FsPermission(u, g, o); fs.setPermission(path, desiredPerm); if (!fs.getFileStatus(path).getPermission().equals(desiredPerm)) { throw new RuntimeException("Failed to set permission for " + path + " from: " + perm + " to: " + desiredPerm);
protected void mkdirs(FileSystem fs, Path path, FsPermission perm, Configuration conf) throws IOException { if (!fs.exists(path.getParent())) mkdirs(fs, path.getParent(), perm, conf); String msg = "Creating " + path + " with permissions " + perm + " and umask " + getUmask(conf); if (!fs.exists(path)) { log.info(msg); } if (!fs.mkdirs(path, perm)) { msg = msg + " failed"; log.error(msg); throw new IOException(msg); } if (!fs.getFileStatus(path).getPermission().equals(perm)) { log.error(String.format("Wrong permission for %s. Expects %s, actual %s", path, perm, fs.getFileStatus(path) .getPermission())); fs.setPermission(path, perm); } }
Log.info("Created tmpPath " + tmpPath + " with permissions " + perm + " and umask " + getUmask(conf)); if (!fileSystem.getFileStatus(tmpPath).getPermission().equals(perm)) { log.error(String.format("Wrong permission for %s. Expects %s, actual %s", tmpPath, perm, fileSystem .getFileStatus(tmpPath).getPermission()));
@Override public boolean equals(Object o) { // This intentionally delegates to the base class. This is only overridden // to suppress a FindBugs warning. return super.equals(o); }
protected void createDir(FileSystem fs, Path path, FsPermission fsPerm) throws IOException { FsPermission dirPerm = new FsPermission(fsPerm); fs.mkdirs(path, dirPerm); FsPermission umask = FsPermission.getUMask(fs.getConf()); if (!dirPerm.equals(dirPerm.applyUMask(umask))) { fs.setPermission(path, new FsPermission(fsPerm)); } }
private static void createDir(FileContext lfs, Path dirPath, FsPermission perms) throws IOException { lfs.mkdir(dirPath, perms, false); if (!perms.equals(perms.applyUMask(lfs.getUMask()))) { lfs.setPermission(dirPath, perms); } }
private void createDir(Path path, FsPermission perm) throws IOException { files.mkdir(path, perm, false); if (!perm.equals(files.getUMask().applyUMask(perm))) { files.setPermission(path, perm); } }
protected void createDir(Path dirPath, FsPermission perms, boolean createParent, String user) throws IOException { lfs.mkdir(dirPath, perms, createParent); if (!perms.equals(perms.applyUMask(lfs.getUMask()))) { lfs.setPermission(dirPath, perms); } }
private static void createDir(FileContext lfs, Path dirPath, FsPermission perms, boolean createParent) throws IOException { lfs.mkdir(dirPath, perms, createParent); if (!perms.equals(perms.applyUMask(lfs.getUMask()))) { lfs.setPermission(dirPath, perms); } } }
protected void createDir(Path dirPath, FsPermission perms, boolean createParent, String user) throws IOException { lfs.mkdir(dirPath, perms, createParent); if (!perms.equals(perms.applyUMask(lfs.getUMask()))) { lfs.setPermission(dirPath, perms); } }