public final static void protectPath(Path path) { try { Files.setPosixFilePermissions(path, securePerm); } catch (UnsupportedOperationException | IOException e) {} }
/** * Set directory permissions to (OWNER)RWX (GROUP)R-X (OTHER)--- On some systems that do not support this, it may become a noop * * @param dir the directory to change permissions on * @throws IOException on any error */ public void restrictDirectoryPermissions(File dir) throws IOException { Set<PosixFilePermission> perms = new HashSet<>( Arrays.asList(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE)); Files.setPosixFilePermissions(dir.toPath(), perms); }
private void setDirectoryPermissions(File v3Directory) throws IOException { EnumSet<PosixFilePermission> permissions = EnumSet .of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(v3Directory.toPath(), permissions); }
public static void makeExec(File file) throws IOException { try { Files.setPosixFilePermissions(file.toPath(), new HashSet<>(Arrays.asList(OWNER_READ, OWNER_WRITE, OWNER_EXECUTE, GROUP_READ, GROUP_WRITE, GROUP_EXECUTE, OTHERS_READ, OTHERS_EXECUTE))); } catch (Throwable ignore) { // Our best effort was not good enough :) } }
private static void setExec(Path path) { try { path.toFile().setExecutable(true); Files.setPosixFilePermissions(path, PosixFilePermissions.fromString("rwxr-xr-x")); } catch (Exception ex) { // ignored } } }
/** * Changes local file's permission. * * @param filePath that will change permission * @param perms the permission, e.g. "rwxr--r--" */ public static void changeLocalFilePermission(String filePath, String perms) throws IOException { Files.setPosixFilePermissions(Paths.get(filePath), PosixFilePermissions.fromString(perms)); }
private static void makeWritable(@Nonnull Path path) throws IOException { if (!Functions.isWindows()) { try { PosixFileAttributes attrs = Files.readAttributes(path, PosixFileAttributes.class); Set<PosixFilePermission> newPermissions = attrs.permissions(); newPermissions.add(PosixFilePermission.OWNER_WRITE); Files.setPosixFilePermissions(path, newPermissions); } catch (NoSuchFileException ignored) { return; } catch (UnsupportedOperationException ignored) { // PosixFileAttributes not supported, fall back to old IO. } } /* * We intentionally do not check the return code of setWritable, because if it * is false we prefer to rethrow the exception thrown by Files.deleteIfExists, * which will have a more useful message than something we make up here. */ path.toFile().setWritable(true); }
private static boolean canExecuteExecutable(File file) throws IOException { if (PlatformDependent.javaVersion() < 7) { // Pre-JDK7, the Java API did not directly support POSIX permissions; instead of implementing a custom // work-around, assume true, which disables the check. return true; } // If we can already execute, there is nothing to do. if (file.canExecute()) { return true; } // On volumes, with noexec set, even files with the executable POSIX permissions will fail to execute. // The File#canExecute() method honors this behavior, probaby via parsing the noexec flag when initializing // the UnixFileStore, though the flag is not exposed via a public API. To find out if library is being // loaded off a volume with noexec, confirm or add executalbe permissions, then check File#canExecute(). // Note: We use FQCN to not break when netty is used in java6 Set<java.nio.file.attribute.PosixFilePermission> existingFilePermissions = java.nio.file.Files.getPosixFilePermissions(file.toPath()); Set<java.nio.file.attribute.PosixFilePermission> executePermissions = EnumSet.of(java.nio.file.attribute.PosixFilePermission.OWNER_EXECUTE, java.nio.file.attribute.PosixFilePermission.GROUP_EXECUTE, java.nio.file.attribute.PosixFilePermission.OTHERS_EXECUTE); if (existingFilePermissions.containsAll(executePermissions)) { return false; } Set<java.nio.file.attribute.PosixFilePermission> newPermissions = EnumSet.copyOf(existingFilePermissions); newPermissions.addAll(executePermissions); java.nio.file.Files.setPosixFilePermissions(file.toPath(), newPermissions); return file.canExecute(); }
private synchronized void ensurePaths() throws IOException { File directory = mergedConfigDirectory.toFile(); if (directory.mkdirs()) { Files.setPosixFilePermissions( mergedConfigDirectory, PosixFilePermissions.fromString("rwx------")); logger.info("Set up PriamConfigurationPersister directory successfully"); } }
public static Closeable withPermissions( Path file, Set<PosixFilePermission> permissions ) throws IOException { Set<PosixFilePermission> originalPermissions = Files.getPosixFilePermissions( file ); Files.setPosixFilePermissions( file, permissions ); return () -> Files.setPosixFilePermissions( file, originalPermissions ); } }
private static boolean canExecuteExecutable(File file) throws IOException { if (PlatformDependent.javaVersion() < 7) { // Pre-JDK7, the Java API did not directly support POSIX permissions; instead of implementing a custom // work-around, assume true, which disables the check. return true; } // If we can already execute, there is nothing to do. if (file.canExecute()) { return true; } // On volumes, with noexec set, even files with the executable POSIX permissions will fail to execute. // The File#canExecute() method honors this behavior, probaby via parsing the noexec flag when initializing // the UnixFileStore, though the flag is not exposed via a public API. To find out if library is being // loaded off a volume with noexec, confirm or add executalbe permissions, then check File#canExecute(). // Note: We use FQCN to not break when netty is used in java6 Set<java.nio.file.attribute.PosixFilePermission> existingFilePermissions = java.nio.file.Files.getPosixFilePermissions(file.toPath()); Set<java.nio.file.attribute.PosixFilePermission> executePermissions = EnumSet.of(java.nio.file.attribute.PosixFilePermission.OWNER_EXECUTE, java.nio.file.attribute.PosixFilePermission.GROUP_EXECUTE, java.nio.file.attribute.PosixFilePermission.OTHERS_EXECUTE); if (existingFilePermissions.containsAll(executePermissions)) { return false; } Set<java.nio.file.attribute.PosixFilePermission> newPermissions = EnumSet.copyOf(existingFilePermissions); newPermissions.addAll(executePermissions); java.nio.file.Files.setPosixFilePermissions(file.toPath(), newPermissions); return file.canExecute(); }
private void setExecutableIfAvailable(final String targetFileName) throws IOException { final Path targetPath = this.pluginBasePath.resolve(targetFileName); final FileSystem fileSystem = targetPath.getFileSystem(); if (fileSystem.supportedFileAttributeViews().contains("posix")) { // NTFS does not support PosixFilePermissions, for example. final Set<PosixFilePermission> permissions = new HashSet<PosixFilePermission>(Files.getPosixFilePermissions(targetPath)); permissions.add(PosixFilePermission.OWNER_EXECUTE); permissions.add(PosixFilePermission.GROUP_EXECUTE); permissions.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(targetPath, permissions); } }
private void setExecutableIfAvailable(final String targetFileName) throws IOException { final Path targetPath = this.basePath.resolve(targetFileName); final FileSystem fileSystem = targetPath.getFileSystem(); if (fileSystem.supportedFileAttributeViews().contains("posix")) { // NTFS does not support PosixFilePermissions, for example. final Set<PosixFilePermission> permissions = new HashSet<PosixFilePermission>(Files.getPosixFilePermissions(targetPath)); permissions.add(PosixFilePermission.OWNER_EXECUTE); permissions.add(PosixFilePermission.GROUP_EXECUTE); permissions.add(PosixFilePermission.OTHERS_EXECUTE); Files.setPosixFilePermissions(targetPath, permissions); } }
public static void chmod( File file, int mode ) throws IOException { Path path = file.toPath(); if ( !Files.isSymbolicLink( path ) ) { Files.setPosixFilePermissions( path, getPermissions( mode ) ); } }
/** * Change permissions via NIO. */ private static void _chmod(File f, int mask) throws IOException { // TODO WindowsPosix actually does something here (WindowsLibC._wchmod); should we let it? // Anyway the existing calls already skip this method if on Windows. if (File.pathSeparatorChar==';') return; // noop if (Util.NATIVE_CHMOD_MODE) { PosixAPI.jnr().chmod(f.getAbsolutePath(), mask); } else { Files.setPosixFilePermissions(fileToPath(f), Util.modeToPermissions(mask)); } }
/** * Formats the worker data folder. * * @param folder folder path */ private static void formatWorkerDataFolder(String folder) throws IOException { Path path = Paths.get(folder); if (Files.exists(path)) { FileUtils.deletePathRecursively(folder); } Files.createDirectory(path); // For short-circuit read/write to work, others needs to be able to access this directory. // Therefore, default is 777 but if the user specifies the permissions, respect those instead. String permissions = ServerConfiguration.get(PropertyKey.WORKER_DATA_FOLDER_PERMISSIONS); Set<PosixFilePermission> perms = PosixFilePermissions.fromString(permissions); Files.setPosixFilePermissions(path, perms); FileUtils.setLocalDirStickyBit(path.toAbsolutePath().toString()); }
public Void perform() { try { Path target = vertx.resolveFile(path).toPath(); if (dirPermissions != null) { Files.walkFileTree(target, new SimpleFileVisitor<Path>() { public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException { //The directory entries typically have different permissions to the files, e.g. execute permission //or can't cd into it Files.setPosixFilePermissions(dir, dirPermissions); return FileVisitResult.CONTINUE; } public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException { Files.setPosixFilePermissions(file, permissions); return FileVisitResult.CONTINUE; } }); } else { Files.setPosixFilePermissions(target, permissions); } } catch (SecurityException e) { throw new FileSystemException("Accessed denied for chmod on " + path); } catch (IOException e) { throw new FileSystemException(e); } return null; } };
private void makeJarDirReadOnly() { try { Files.setPosixFilePermissions(jarDir, new HashSet<>(Arrays.asList( PosixFilePermission.OTHERS_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OWNER_READ, PosixFilePermission.OTHERS_EXECUTE, PosixFilePermission.GROUP_EXECUTE, PosixFilePermission.OWNER_EXECUTE))); } catch (final Exception e) { Assume.assumeNoException(e); } }
private void setPerms(Path path, String perms) { if (Utils.isWindows() == false) { try { Files.setPosixFilePermissions( path, PosixFilePermissions.fromString(perms) ); } catch(IOException e) { throw new RuntimeException(e.getMessage()); } } }
@Test public void testDoNotCancelJobIfSavepointFails() throws Exception { setUpWithCheckpointInterval(10L); try { Files.setPosixFilePermissions(savepointDirectory, Collections.emptySet()); } catch (IOException e) { Assume.assumeNoException(e); } try { cancelWithSavepoint(); } catch (Exception e) { assertThat(ExceptionUtils.findThrowable(e, CheckpointTriggerException.class).isPresent(), equalTo(true)); } final JobStatus jobStatus = clusterClient.getJobStatus(jobGraph.getJobID()).get(60, TimeUnit.SECONDS); assertThat(jobStatus, equalTo(JobStatus.RUNNING)); // assert that checkpoints are continued to be triggered triggerCheckpointLatch = new CountDownLatch(1); assertThat(triggerCheckpointLatch.await(60L, TimeUnit.SECONDS), equalTo(true)); }