Repository: ambari Updated Branches: refs/heads/branch-2.5 9218fbc2e -> fcf9536b5
AMBARI-20506. pass.txt have wrong permission.(vbrodetskyi) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/fcf9536b Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/fcf9536b Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/fcf9536b Branch: refs/heads/branch-2.5 Commit: fcf9536b5b65c63bb4c0e02e782f71ca0ca998e6 Parents: 9218fbc Author: Vitaly Brodetskyi <[email protected]> Authored: Mon Mar 20 19:41:23 2017 +0200 Committer: Vitaly Brodetskyi <[email protected]> Committed: Mon Mar 20 19:41:23 2017 +0200 ---------------------------------------------------------------------- .../org/apache/ambari/server/security/CertificateManager.java | 6 ++++++ .../org/apache/ambari/server/security/CertGenerationTest.java | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/fcf9536b/ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java b/ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java index c9e7c6e..6bed332 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/security/CertificateManager.java @@ -68,6 +68,8 @@ public class CertificateManager { */ private static final String SET_PERMISSIONS = "find %s -type f -exec chmod 700 {} +"; + private static final String SET_SERVER_PASS_FILE_PERMISSIONS = "chmod 600 %s"; + public void initRootCert() { LOG.info("Initialization of root certificate"); boolean certExists = isCertExists(); @@ -147,6 +149,7 @@ public class CertificateManager { String srvrKeyName = configsMap.get(Configuration.SRVR_KEY_NAME.getKey()); String kstrName = configsMap.get(Configuration.KSTR_NAME.getKey()); String srvrCrtPass = configsMap.get(Configuration.SRVR_CRT_PASS.getKey()); + String srvrCrtPassFile = configsMap.get(Configuration.SRVR_CRT_PASS_FILE.getKey()); Object[] scriptArgs = {srvrCrtPass, srvrKstrDir, srvrKeyName, srvrCrtName, kstrName, srvrCsrName}; @@ -165,6 +168,9 @@ public class CertificateManager { command = String.format(SET_PERMISSIONS,srvrKstrDir); runCommand(command); + + command = String.format(SET_SERVER_PASS_FILE_PERMISSIONS, srvrKstrDir + File.separator + srvrCrtPassFile); + runCommand(command); } /** http://git-wip-us.apache.org/repos/asf/ambari/blob/fcf9536b/ambari-server/src/test/java/org/apache/ambari/server/security/CertGenerationTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/CertGenerationTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/CertGenerationTest.java index 4e0549d..860372b 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/CertGenerationTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/CertGenerationTest.java @@ -208,7 +208,7 @@ public class CertGenerationTest { if (ShellCommandUtil.LINUX) { String permissions = ShellCommandUtil. getUnixFilePermissions(passFile.getAbsolutePath()); - Assert.assertEquals(ShellCommandUtil.MASK_OWNER_ONLY_RWX, permissions); + Assert.assertEquals(ShellCommandUtil.MASK_OWNER_ONLY_RW, permissions); } }
