[kudu] branch master updated: [mini_kdc] MiniKdc::Kinit() atomically replaces ccache

Fri, 20 Mar 2020 18:58:08 -0700 

This is an automated email from the ASF dual-hosted git repository.

granthenke pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kudu.git


The following commit(s) were added to refs/heads/master by this push:
     new 4672c75  [mini_kdc] MiniKdc::Kinit() atomically replaces ccache
4672c75 is described below

commit 4672c7511ef673409548cdaa39ae1ab61416f6f6
Author: Alexey Serbin <[email protected]>
AuthorDate: Fri Mar 20 15:39:02 2020 -0700

    [mini_kdc] MiniKdc::Kinit() atomically replaces ccache
    
    This patch updates implementation of MiniKdc::Kinit() to atomically
    replace cache credentials file.  I noticed that without this patch
    Java test TestSecurity.testRenewAndReacquireKerberosCredentials
    fails time to time in a TSAN build, but with this patch and with
    https://gerrit.cloudera.org/#/c/15433/ it passes every time.
    
    Change-Id: I44b0afc1d92519f9942b8a6dfb14ebc12eda0949
    Reviewed-on: http://gerrit.cloudera.org:8080/15516
    Reviewed-by: Adar Dembo <[email protected]>
    Tested-by: Kudu Jenkins
---
 src/kudu/security/test/mini_kdc.cc | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/src/kudu/security/test/mini_kdc.cc 
b/src/kudu/security/test/mini_kdc.cc
index e3d9604..da11d07 100644
--- a/src/kudu/security/test/mini_kdc.cc
+++ b/src/kudu/security/test/mini_kdc.cc
@@ -28,11 +28,13 @@
 #include <boost/optional/optional.hpp>
 #include <glog/logging.h>
 
+#include "kudu/gutil/map-util.h"
 #include "kudu/gutil/strings/strip.h"
 #include "kudu/gutil/strings/substitute.h"
 #include "kudu/util/env.h"
 #include "kudu/util/monotime.h"
 #include "kudu/util/path_util.h"
+#include "kudu/util/scoped_cleanup.h"
 #include "kudu/util/slice.h"
 #include "kudu/util/stopwatch.h"
 #include "kudu/util/subprocess.h"
@@ -305,7 +307,24 @@ Status MiniKdc::Kinit(const string& username) {
   SCOPED_LOG_SLOW_EXECUTION(WARNING, 100, Substitute("kinit for $0", 
username));
   string kinit;
   RETURN_NOT_OK(GetBinaryPath("kinit", &kinit));
-  RETURN_NOT_OK(Subprocess::Call(MakeArgv({ kinit, username }), username));
+  unique_ptr<WritableFile> tmp_cc_file;
+  string tmp_cc_path;
+  const auto tmp_template = Substitute("kinit-temp-$0.XXXXXX", username);
+  RETURN_NOT_OK_PREPEND(Env::Default()->NewTempWritableFile(
+      WritableFileOptions(),
+      JoinPathSegments(options_.data_root, tmp_template),
+      &tmp_cc_path, &tmp_cc_file),
+      "could not create temporary file");
+  auto delete_tmp_cc = MakeScopedCleanup([&]() {
+    WARN_NOT_OK(Env::Default()->DeleteFile(tmp_cc_path),
+                "could not delete file " + tmp_cc_path);
+  });
+  RETURN_NOT_OK(Subprocess::Call(MakeArgv({ kinit, "-c", tmp_cc_path, username 
}), username));
+  const auto env_vars_map = GetEnvVars();
+  const auto& ccache_path = FindOrDie(env_vars_map, "KRB5CCNAME");
+  RETURN_NOT_OK_PREPEND(Env::Default()->RenameFile(tmp_cc_path, ccache_path),
+                        "could not move new file into place");
+  delete_tmp_cc.cancel();
   return Status::OK();
 }

Reply via email to