Return-Path: X-Original-To: apmail-hadoop-common-commits-archive@www.apache.org Delivered-To: apmail-hadoop-common-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D0FB83C2B for ; Fri, 22 Apr 2011 16:20:09 +0000 (UTC) Received: (qmail 96600 invoked by uid 500); 22 Apr 2011 16:20:09 -0000 Delivered-To: apmail-hadoop-common-commits-archive@hadoop.apache.org Received: (qmail 96552 invoked by uid 500); 22 Apr 2011 16:20:08 -0000 Mailing-List: contact common-commits-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: common-dev@hadoop.apache.org Delivered-To: mailing list common-commits@hadoop.apache.org Received: (qmail 96545 invoked by uid 99); 22 Apr 2011 16:20:08 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Apr 2011 16:20:08 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 22 Apr 2011 16:20:07 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 65F1323888FD; Fri, 22 Apr 2011 16:19:47 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1095958 - in /hadoop/common/trunk: CHANGES.txt src/java/org/apache/hadoop/io/SecureIOUtils.java src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java Date: Fri, 22 Apr 2011 16:19:47 -0000 To: common-commits@hadoop.apache.org From: eli@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110422161947.65F1323888FD@eris.apache.org> Author: eli Date: Fri Apr 22 16:19:46 2011 New Revision: 1095958 URL: http://svn.apache.org/viewvc?rev=1095958&view=rev Log: HADOOP-7172. SecureIO should not check owner on non-secure clusters that have no native support. Contributed by Todd Lipcon Modified: hadoop/common/trunk/CHANGES.txt hadoop/common/trunk/src/java/org/apache/hadoop/io/SecureIOUtils.java hadoop/common/trunk/src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java Modified: hadoop/common/trunk/CHANGES.txt URL: http://svn.apache.org/viewvc/hadoop/common/trunk/CHANGES.txt?rev=1095958&r1=1095957&r2=1095958&view=diff ============================================================================== --- hadoop/common/trunk/CHANGES.txt (original) +++ hadoop/common/trunk/CHANGES.txt Fri Apr 22 16:19:46 2011 @@ -596,6 +596,9 @@ Release 0.22.0 - Unreleased HADOOP-7229. Do not default to an absolute path for kinit in Kerberos auto-renewal thread. (Aaron T. Myers via todd) + HADOOP-7172. SecureIO should not check owner on non-secure + clusters that have no native support. (todd via eli) + Release 0.21.1 - Unreleased IMPROVEMENTS Modified: hadoop/common/trunk/src/java/org/apache/hadoop/io/SecureIOUtils.java URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/java/org/apache/hadoop/io/SecureIOUtils.java?rev=1095958&r1=1095957&r2=1095958&view=diff ============================================================================== --- hadoop/common/trunk/src/java/org/apache/hadoop/io/SecureIOUtils.java (original) +++ hadoop/common/trunk/src/java/org/apache/hadoop/io/SecureIOUtils.java Fri Apr 22 16:19:46 2011 @@ -91,23 +91,32 @@ public class SecureIOUtils { /** * Open the given File for read access, verifying the expected user/group - * constraints. + * constraints if security is enabled. + * + * Note that this function provides no additional checks if Hadoop + * security is disabled, since doing the checks would be too expensive + * when native libraries are not available. + * * @param f the file that we are trying to open * @param expectedOwner the expected user owner for the file * @param expectedGroup the expected group owner for the file - * @throws IOException if an IO Error occurred, or the user/group does not - * match + * @throws IOException if an IO Error occurred, or security is enabled and + * the user/group does not match */ public static FileInputStream openForRead(File f, String expectedOwner, String expectedGroup) throws IOException { - if (skipSecurity) { - // Subject to race conditions but this is the best we can do - FileStatus status = - rawFilesystem.getFileStatus(new Path(f.getAbsolutePath())); - checkStat(f, status.getOwner(), status.getGroup(), - expectedOwner, expectedGroup); + if (!UserGroupInformation.isSecurityEnabled()) { return new FileInputStream(f); } + return forceSecureOpenForRead(f, expectedOwner, expectedGroup); + } + + /** + * Same as openForRead() except that it will run even if security is off. + * This is used by unit tests. + */ + static FileInputStream forceSecureOpenForRead(File f, String expectedOwner, + String expectedGroup) throws IOException { FileInputStream fis = new FileInputStream(f); boolean success = false; Modified: hadoop/common/trunk/src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java URL: http://svn.apache.org/viewvc/hadoop/common/trunk/src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java?rev=1095958&r1=1095957&r2=1095958&view=diff ============================================================================== --- hadoop/common/trunk/src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java (original) +++ hadoop/common/trunk/src/test/core/org/apache/hadoop/io/TestSecureIOUtils.java Fri Apr 22 16:19:46 2011 @@ -64,11 +64,20 @@ public class TestSecureIOUtils { .openForRead(testFilePath, realOwner, realGroup).close(); } - @Test(expected=IOException.class) + @Test public void testReadIncorrectlyRestrictedWithSecurity() throws IOException { - SecureIOUtils - .openForRead(testFilePath, "invalidUser", null).close(); - fail("Didn't throw expection for wrong ownership!"); + // this will only run if libs are available + assumeTrue(NativeIO.isAvailable()); + + System.out.println("Running test with native libs..."); + + try { + SecureIOUtils + .forceSecureOpenForRead(testFilePath, "invalidUser", null).close(); + fail("Didn't throw expection for wrong ownership!"); + } catch (IOException ioe) { + // expected + } } @Test