This is an automated email from the ASF dual-hosted git repository.
rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new f117b1c RANGER-2815:Ranger HDFSAuditDestination flush call should be
privileged one
f117b1c is described below
commit f117b1c245d2f388d262425276e5e9f81f0c9248
Author: Ramesh Mani <[email protected]>
AuthorDate: Fri May 1 20:49:04 2020 -0700
RANGER-2815:Ranger HDFSAuditDestination flush call should be privileged one
---
.../audit/destination/HDFSAuditDestination.java | 39 ++++++++++++++--------
1 file changed, 25 insertions(+), 14 deletions(-)
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
b/agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
index 01fc5e7..906ff34 100644
---
a/agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
+++
b/agents-audit/src/main/java/org/apache/ranger/audit/destination/HDFSAuditDestination.java
@@ -23,6 +23,7 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URI;
+import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.*;
@@ -188,21 +189,13 @@ public class HDFSAuditDestination extends
AuditDestination {
@Override
public void flush() {
logger.info("Flush called. name=" + getName());
- if (ostream != null) {
- try {
- synchronized (this) {
- if (ostream != null)
- // 1) PrinterWriter does not
have bufferring of its own so
- // we need to flush its
underlying stream
- // 2) HDFS flush() does not
really flush all the way to disk.
- ostream.hflush();
- logger.info("Flush HDFS audit
logs completed.....");
- }
- } catch (IOException e) {
- logger.error("Error on flushing log writer: " +
e.getMessage() +
- "\nException will be ignored. name=" +
getName() + ", fileName=" + currentFileName);
+ MiscUtil.executePrivilegedAction(new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ hflush();
+ return null;
}
- }
+ });
}
/*
@@ -373,6 +366,24 @@ public class HDFSAuditDestination extends AuditDestination
{
}
}
+ private void hflush() {
+ if (ostream != null) {
+ try {
+ synchronized (this) {
+ if (ostream != null)
+ // 1) PrinterWriter does not
have bufferring of its own so
+ // we need to flush its
underlying stream
+ // 2) HDFS flush() does not
really flush all the way to disk.
+ ostream.hflush();
+ logger.info("Flush HDFS audit logs
completed.....");
+ }
+ } catch (IOException e) {
+ logger.error("Error on flushing log writer: " +
e.getMessage() +
+ "\nException will be ignored.
name=" + getName() + ", fileName=" + currentFileName);
+ }
+ }
+ }
+
private Date rollOverByDuration() {
long rollOverTime =
rollingTimeUtil.computeNextRollingTime(fileRolloverSec,nextRollOverTime);
return new Date(rollOverTime);
