use of java.nio.file.attribute.PosixFilePermission in project ignite by apache.
the class IgfsLocalSecondaryFileSystemTestAdapter method permissions.
/**
* {@inheritDoc}
*/
@Override
public String permissions(String path) throws IOException {
Path p = path(path);
PosixFileAttributeView attrView = Files.getFileAttributeView(p, PosixFileAttributeView.class);
if (attrView == null)
throw new UnsupportedOperationException("Posix file attributes not available");
int perm = 0;
for (PosixFilePermission pfp : attrView.readAttributes().permissions()) perm |= (1 << 8 - pfp.ordinal());
return '0' + Integer.toOctalString(perm);
}
use of java.nio.file.attribute.PosixFilePermission in project qpid-broker-j by apache.
the class AESKeyFileEncrypterFactory method createEmptyKeyFile.
private void createEmptyKeyFile(File file) throws IOException {
final Path parentFilePath = file.getAbsoluteFile().getParentFile().toPath();
if (isPosixFileSystem(file)) {
Set<PosixFilePermission> ownerOnly = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE);
Files.createDirectories(parentFilePath, PosixFilePermissions.asFileAttribute(ownerOnly));
Files.createFile(file.toPath(), PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE)));
} else if (isAclFileSystem(file)) {
Files.createDirectories(parentFilePath);
final UserPrincipal owner = Files.getOwner(parentFilePath);
AclFileAttributeView attributeView = Files.getFileAttributeView(parentFilePath, AclFileAttributeView.class);
List<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
ListIterator<AclEntry> iter = acls.listIterator();
boolean found = false;
while (iter.hasNext()) {
AclEntry acl = iter.next();
if (!owner.equals(acl.principal())) {
iter.remove();
} else if (acl.type() == AclEntryType.ALLOW) {
found = true;
AclEntry.Builder builder = AclEntry.newBuilder(acl);
Set<AclEntryPermission> permissions = acl.permissions().isEmpty() ? new HashSet<AclEntryPermission>() : EnumSet.copyOf(acl.permissions());
permissions.addAll(Arrays.asList(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY));
builder.setPermissions(permissions);
iter.set(builder.build());
}
}
if (!found) {
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY);
builder.setType(AclEntryType.ALLOW);
builder.setPrincipal(owner);
acls.add(builder.build());
}
attributeView.setAcl(acls);
Files.createFile(file.toPath(), new FileAttribute<List<AclEntry>>() {
@Override
public String name() {
return "acl:acl";
}
@Override
public List<AclEntry> value() {
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setType(AclEntryType.ALLOW);
builder.setPermissions(EnumSet.allOf(AclEntryPermission.class));
builder.setPrincipal(owner);
return Collections.singletonList(builder.build());
}
});
} else {
throw new IllegalArgumentException("Unable to determine a mechanism to protect access to the key file on this filesystem");
}
}
use of java.nio.file.attribute.PosixFilePermission in project athenz by yahoo.
the class ZMSFileChangeLogStore method setupDomainFile.
void setupDomainFile(File file) {
try {
new FileOutputStream(file).close();
file.setLastModified(System.currentTimeMillis());
Path path = file.toPath();
Set<PosixFilePermission> perms = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE);
Files.setPosixFilePermissions(path, perms);
} catch (IOException ex) {
error("unable to setup domain file with permissions: " + ex.getMessage());
}
}
use of java.nio.file.attribute.PosixFilePermission in project aion by aionnetwork.
the class Keystore method create.
public static String create(String password, ECKey key) {
Set<PosixFilePermission> perms = PosixFilePermissions.fromString("rwxr-----");
FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms);
if (!Files.exists(PATH)) {
try {
Files.createDirectory(PATH, attr);
} catch (IOException e) {
LOG.debug("keystore folder create failed!");
return "";
}
}
String address = ByteUtil.toHexString(key.getAddress());
if (exist(address)) {
return "0x";
} else {
KeystoreFormat format = new KeystoreFormat();
byte[] content = format.toKeystore(key, password);
TimeZone tz = TimeZone.getTimeZone("UTC");
DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
df.setTimeZone(tz);
String iso_date = df.format(new Date(System.currentTimeMillis()));
String fileName = "UTC--" + iso_date + "--" + address;
try {
Path keyFile = PATH.resolve(fileName);
if (!Files.exists(keyFile))
keyFile = Files.createFile(keyFile, attr);
String path = keyFile.toString();
FileOutputStream fos = new FileOutputStream(path);
fos.write(content);
fos.close();
return TypeConverter.toJsonHex(address);
} catch (IOException e) {
LOG.debug("fail to create keystore");
return "0x";
}
}
}
use of java.nio.file.attribute.PosixFilePermission in project nifi by apache.
the class RunNiFi method createSensitiveKeyFile.
private Path createSensitiveKeyFile(File confDir) {
Path sensitiveKeyFile = Paths.get(confDir + "/sensitive.key");
final boolean isPosixSupported = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
try {
if (isPosixSupported) {
// Initially create file with the empty permission set (so nobody can get a file descriptor on it):
Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>();
FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms);
sensitiveKeyFile = Files.createFile(sensitiveKeyFile, attr);
// Then, once created, add owner-only rights:
perms.add(PosixFilePermission.OWNER_WRITE);
perms.add(PosixFilePermission.OWNER_READ);
attr = PosixFilePermissions.asFileAttribute(perms);
Files.setPosixFilePermissions(sensitiveKeyFile, perms);
} else {
// If Posix is not supported (e.g. Windows) then create the key file without permission settings.
cmdLogger.info("Current file system does not support Posix, using default permission settings.");
sensitiveKeyFile = Files.createFile(sensitiveKeyFile);
}
} catch (final FileAlreadyExistsException faee) {
cmdLogger.error("The sensitive.key file {} already exists. That shouldn't have been. Aborting.", sensitiveKeyFile);
System.exit(1);
} catch (final Exception e) {
cmdLogger.error("Other failure relating to setting permissions on {}. " + "(so that only the owner can read it). " + "This is fatal to the bootstrap process for security reasons. Exception was: {}", sensitiveKeyFile, e);
System.exit(1);
}
return sensitiveKeyFile;
}
Aggregations