Examples with PosixPermissionsResetter org.elasticsearch.test.PosixPermissionsResetter used on opensource projects

Example 1 with PosixPermissionsResetter

use of org.elasticsearch.test.PosixPermissionsResetter in project elasticsearch by elastic.

the class NodeEnvironmentEvilTests method testMissingWritePermissionOnIndex.

public void testMissingWritePermissionOnIndex() throws IOException {
    assumeTrue("posix filesystem", isPosix);
    final String[] tempPaths = tmpPaths();
    Path path = PathUtils.get(randomFrom(tempPaths));
    Path fooIndex = path.resolve("nodes").resolve("0").resolve(NodeEnvironment.INDICES_FOLDER).resolve("foo");
    Files.createDirectories(fooIndex);
    try (PosixPermissionsResetter attr = new PosixPermissionsResetter(fooIndex)) {
        attr.setPermissions(new HashSet<>(Arrays.asList(PosixFilePermission.OTHERS_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OWNER_READ)));
        Settings build = Settings.builder().put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toAbsolutePath().toString()).putArray(Environment.PATH_DATA_SETTING.getKey(), tempPaths).build();
        IOException ioException = expectThrows(IOException.class, () -> {
            new NodeEnvironment(build, new Environment(build));
        });
        assertTrue(ioException.getMessage(), ioException.getMessage().startsWith("failed to write in data directory"));
    }
}

Example 2 with PosixPermissionsResetter

use of org.elasticsearch.test.PosixPermissionsResetter in project elasticsearch by elastic.

the class InstallPluginCommandTests method testBinPermissions.

public void testBinPermissions() throws Exception {
    assumeTrue("posix filesystem", isPosix);
    Tuple<Path, Environment> env = createEnv(fs, temp);
    Path pluginDir = createPluginDir(temp);
    Path binDir = pluginDir.resolve("bin");
    Files.createDirectory(binDir);
    Files.createFile(binDir.resolve("somescript"));
    String pluginZip = createPlugin("fake", pluginDir);
    try (PosixPermissionsResetter binAttrs = new PosixPermissionsResetter(env.v2().binFile())) {
        Set<PosixFilePermission> perms = binAttrs.getCopyPermissions();
        // make sure at least one execute perm is missing, so we know we forced it during installation
        perms.remove(PosixFilePermission.GROUP_EXECUTE);
        binAttrs.setPermissions(perms);
        installPlugin(pluginZip, env.v1());
        assertPlugin("fake", pluginDir, env.v2());
    }
}

Example 3 with PosixPermissionsResetter

use of org.elasticsearch.test.PosixPermissionsResetter in project elasticsearch by elastic.

the class NodeEnvironmentEvilTests method testMissingWritePermissionOnShard.

public void testMissingWritePermissionOnShard() throws IOException {
    assumeTrue("posix filesystem", isPosix);
    final String[] tempPaths = tmpPaths();
    Path path = PathUtils.get(randomFrom(tempPaths));
    Path fooIndex = path.resolve("nodes").resolve("0").resolve(NodeEnvironment.INDICES_FOLDER).resolve("foo");
    Path fooShard = fooIndex.resolve("0");
    Path fooShardIndex = fooShard.resolve("index");
    Path fooShardTranslog = fooShard.resolve("translog");
    Path fooShardState = fooShard.resolve("_state");
    Path pick = randomFrom(fooShard, fooShardIndex, fooShardTranslog, fooShardState);
    Files.createDirectories(pick);
    try (PosixPermissionsResetter attr = new PosixPermissionsResetter(pick)) {
        attr.setPermissions(new HashSet<>(Arrays.asList(PosixFilePermission.OTHERS_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OWNER_READ)));
        Settings build = Settings.builder().put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toAbsolutePath().toString()).putArray(Environment.PATH_DATA_SETTING.getKey(), tempPaths).build();
        IOException ioException = expectThrows(IOException.class, () -> {
            new NodeEnvironment(build, new Environment(build));
        });
        assertTrue(ioException.getMessage(), ioException.getMessage().startsWith("failed to write in data directory"));
    }
}

Example 4 with PosixPermissionsResetter

use of org.elasticsearch.test.PosixPermissionsResetter in project elasticsearch by elastic.

the class NodeEnvironmentEvilTests method testMissingWritePermission.

public void testMissingWritePermission() throws IOException {
    assumeTrue("posix filesystem", isPosix);
    final String[] tempPaths = tmpPaths();
    Path path = PathUtils.get(randomFrom(tempPaths));
    try (PosixPermissionsResetter attr = new PosixPermissionsResetter(path)) {
        attr.setPermissions(new HashSet<>(Arrays.asList(PosixFilePermission.OTHERS_READ, PosixFilePermission.GROUP_READ, PosixFilePermission.OWNER_READ)));
        Settings build = Settings.builder().put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toAbsolutePath().toString()).putArray(Environment.PATH_DATA_SETTING.getKey(), tempPaths).build();
        IOException ioException = expectThrows(IOException.class, () -> {
            new NodeEnvironment(build, new Environment(build));
        });
        assertTrue(ioException.getMessage(), ioException.getMessage().startsWith(path.toString()));
    }
}

Example 5 with PosixPermissionsResetter

use of org.elasticsearch.test.PosixPermissionsResetter in project elasticsearch by elastic.

the class InstallPluginCommandTests method testPluginsDirReadOnly.

public void testPluginsDirReadOnly() throws Exception {
    assumeTrue("posix and filesystem", isPosix && isReal);
    Tuple<Path, Environment> env = createEnv(fs, temp);
    Path pluginDir = createPluginDir(temp);
    try (PosixPermissionsResetter pluginsAttrs = new PosixPermissionsResetter(env.v2().pluginsFile())) {
        pluginsAttrs.setPermissions(new HashSet<>());
        String pluginZip = createPlugin("fake", pluginDir);
        IOException e = expectThrows(IOException.class, () -> installPlugin(pluginZip, env.v1()));
        assertTrue(e.getMessage(), e.getMessage().contains(env.v2().pluginsFile().toString()));
    }
    assertInstallCleaned(env.v2());
}