Repository: incubator-hawq Updated Branches: refs/heads/master 634e0cdac -> c00b8d3ff
HAWQ-1534. Change user to PXF_USER only for HAWQ database. Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/c00b8d3f Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/c00b8d3f Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/c00b8d3f Branch: refs/heads/master Commit: c00b8d3ff4ea9ef543893a844bdb156cf2669d1a Parents: 634e0cd Author: Oleksandr Diachenko <[email protected]> Authored: Thu Oct 5 13:40:15 2017 -0700 Committer: Oleksandr Diachenko <[email protected]> Committed: Thu Oct 5 13:40:15 2017 -0700 ---------------------------------------------------------------------- pxf/build.gradle | 10 ++++-- pxf/gradle/profiles/gpdb.properties | 1 - pxf/pxf-service/src/scripts/pxf-env.sh | 4 ++- pxf/pxf-service/src/scripts/pxf-service | 48 ++++++++++++++++++++-------- 4 files changed, 46 insertions(+), 17 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/c00b8d3f/pxf/build.gradle ---------------------------------------------------------------------- diff --git a/pxf/build.gradle b/pxf/build.gradle index 6ac55b7..e27074e 100644 --- a/pxf/build.gradle +++ b/pxf/build.gradle @@ -273,7 +273,7 @@ project('pxf-service') { filter(ReplaceTokens, tokens: ['pxfLogDir' : databaseProperties.pxfLogDir, 'pxfRunDir' : databaseProperties.pxfRunDir, - 'pxfDefaultUser': databaseProperties.pxfDefaultUser]) + 'pxfDefaultUser': (databaseProperties.pxfDefaultUser == null ? "" : databaseProperties.pxfDefaultUser)]) into "/etc/pxf-${project.version}/conf" } @@ -300,6 +300,9 @@ project('pxf-service') { fileMode 0755 addParentDirs false into "/opt/pxf-${project.version}" + filter(ReplaceTokens, + tokens: [ + 'pxfDefaultUser': (databaseProperties.pxfDefaultUser == null ? "" : databaseProperties.pxfDefaultUser)]) } link("/usr/lib/pxf-${project.version}/${project.name}.jar", "${project.name}-${project.version}.jar") @@ -618,6 +621,9 @@ task install(type: Copy, dependsOn: [subprojects.build, tomcatGet]) { into 'bin' fileMode 0755 rename('pxf-service', 'pxf') + filter(ReplaceTokens, + tokens: [ + 'pxfDefaultUser': (databaseProperties.pxfDefaultUser == null ? "" : databaseProperties.pxfDefaultUser)]) } from("${tomcatTargetDir}/${tomcatName}") { into 'apache-tomcat' } @@ -627,7 +633,7 @@ task install(type: Copy, dependsOn: [subprojects.build, tomcatGet]) { filter(ReplaceTokens, tokens: ['pxfLogDir' : databaseProperties.pxfLogDir, 'pxfRunDir' : databaseProperties.pxfRunDir, - 'pxfDefaultUser': databaseProperties.pxfDefaultUser]) into 'conf' + 'pxfDefaultUser': (databaseProperties.pxfDefaultUser == null ? "" : databaseProperties.pxfDefaultUser)]) into 'conf' } from("pxf-service/src/configs/tomcat") { into 'tomcat-templates' } from("pxf-service/src/configs/templates") { into 'conf-templates' } http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/c00b8d3f/pxf/gradle/profiles/gpdb.properties ---------------------------------------------------------------------- diff --git a/pxf/gradle/profiles/gpdb.properties b/pxf/gradle/profiles/gpdb.properties index 22b095f..90a8a60 100644 --- a/pxf/gradle/profiles/gpdb.properties +++ b/pxf/gradle/profiles/gpdb.properties @@ -15,6 +15,5 @@ # specific language governing permissions and limitations # under the License. -pxfDefaultUser=gpadmin pxfLogDir=${PXF_HOME}/logs pxfRunDir=${PXF_HOME}/run \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/c00b8d3f/pxf/pxf-service/src/scripts/pxf-env.sh ---------------------------------------------------------------------- diff --git a/pxf/pxf-service/src/scripts/pxf-env.sh b/pxf/pxf-service/src/scripts/pxf-env.sh index 284f08d..f33e61a 100644 --- a/pxf/pxf-service/src/scripts/pxf-env.sh +++ b/pxf/pxf-service/src/scripts/pxf-env.sh @@ -34,7 +34,9 @@ export PXF_LOGDIR=@pxfLogDir@ export PXF_RUNDIR=@pxfRunDir@ # Configured user -export PXF_USER=${PXF_USER:-@pxfDefaultUser@} +if [ ! -z '@pxfDefaultUser@' ]; then + export PXF_USER=${PXF_USER:-@pxfDefaultUser@} +fi # Port export PXF_PORT=${PXF_PORT:-51200} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/c00b8d3f/pxf/pxf-service/src/scripts/pxf-service ---------------------------------------------------------------------- diff --git a/pxf/pxf-service/src/scripts/pxf-service b/pxf/pxf-service/src/scripts/pxf-service index e36931e..ca1b34c 100644 --- a/pxf/pxf-service/src/scripts/pxf-service +++ b/pxf/pxf-service/src/scripts/pxf-service @@ -35,7 +35,7 @@ else source $env_script fi -pxf_user=${PXF_USER:-pxf} +pxf_user=${PXF_USER} instance_port=${PXF_PORT:-51200} instance_name=pxf-service @@ -72,9 +72,11 @@ function createInstance() return 1 fi - chown -R $instance_owner $instance_root - chmod 700 $instance_root/$instance_name - return 0 + if [ ! -z $pxf_user ]; then + chown -R $instance_owner $instance_root + fi + chmod 700 $instance_root/$instance_name + return 0 } # @@ -257,7 +259,13 @@ function commandWebapp() { command=$1 pushd $instance_root - sudo -u $pxf_user $instance_root/$instance_name/bin/catalina.sh $command + if [ ! -z $pxf_user ]; then + # Run command as a pxf_user + su $pxf_user -c "$instance_root/$instance_name/bin/catalina.sh $command" + else + # Run command as a current user + $instance_root/$instance_name/bin/catalina.sh $command + fi if [ $? -ne 0 ]; then return 1 fi @@ -267,7 +275,9 @@ function commandWebapp() function createLogsDir() { mkdir -p $PXF_LOGDIR - chown -R $instance_owner $PXF_LOGDIR + if [ ! -z $pxf_user ]; then + chown -R $instance_owner $PXF_LOGDIR + fi chmod 700 $PXF_LOGDIR return 0 } @@ -275,7 +285,9 @@ function createLogsDir() function createRunDir() { mkdir -p $PXF_RUNDIR - chown -R $instance_owner $PXF_RUNDIR + if [ ! -z $pxf_user ]; then + chown -R $instance_owner $PXF_RUNDIR + fi chmod 700 $PXF_RUNDIR return 0 } @@ -297,14 +309,14 @@ function generatePrivateClasspath() sed -i -e "s|HBASE_HOME|$hbase_home|g" $PXF_HOME/conf/pxf-private.classpath else #Delete lines with HBASE_HOME if hbase_home wasn't set - sed -i "/HBASE_HOME/d" $PXF_HOME/conf/pxf-private.classpath + sed -i -e "/HBASE_HOME/d" $PXF_HOME/conf/pxf-private.classpath fi if [ ! -z $hive_home ]; then #Substitute HIVE_HOME if hive_home was set sed -i -e "s|HIVE_HOME|$hive_home|g" $PXF_HOME/conf/pxf-private.classpath else #Delete lines with HIVE_HOME if hive_home wasn't set - sed -i "/HIVE_HOME/d" $PXF_HOME/conf/pxf-private.classpath + sed -i -e "/HIVE_HOME/d" $PXF_HOME/conf/pxf-private.classpath fi } @@ -334,13 +346,23 @@ function validateParameters() fi # validate pxf user - id $pxf_user &> /dev/null; - if [ "$?" -ne "0" ] - then - echo "ERROR: User $pxf_user doesn't exist. Please set valid user via \$PXF_USER variable" + if [ ! -z $pxf_user ]; then + id $pxf_user &> /dev/null; + if [ "$?" -ne "0" ] + then + echo "ERROR: User $pxf_user doesn't exist. Please set valid user via \$PXF_USER variable" + exit 1 + fi + fi + + # make sure current user is not root + if [ $EUID -eq 0 ]; then + echo "ERROR: Cannot run as root user" exit 1 fi + + # validate JAVA_HOME if [ ! -x $JAVA_HOME/bin/java ]; then echo ERROR: \$JAVA_HOME is invalid
