Repository: incubator-slider Updated Branches: refs/heads/develop 5bf14692d -> e31600909
SLIDER-1215 Slider app master does not clean up certificate directories from tmp dir on graceful exit Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/e3160090 Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/e3160090 Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/e3160090 Branch: refs/heads/develop Commit: e316009098f6b1dbe4f6f2b7dd56c4ce1d819e3b Parents: 5bf1469 Author: Gour Saha <gourks...@apache.org> Authored: Tue Mar 7 08:33:41 2017 -0800 Committer: Gour Saha <gourks...@apache.org> Committed: Tue Mar 7 08:33:41 2017 -0800 ---------------------------------------------------------------------- .../server/appmaster/SliderAppMaster.java | 4 ++++ .../server/services/security/SecurityUtils.java | 20 +++++++++++++++----- .../web/rest/agent/TestAMAgentWebServices.java | 20 ++++++++++++++++++-- 3 files changed, 37 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/e3160090/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java ---------------------------------------------------------------------- diff --git a/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java b/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java index c33f7ac..3f47b98 100644 --- a/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java +++ b/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java @@ -172,6 +172,7 @@ import org.apache.slider.server.appmaster.web.rest.RestPaths; import org.apache.slider.server.appmaster.web.rest.application.ApplicationResouceContentCacheFactory; import org.apache.slider.server.appmaster.web.rest.application.resources.ContentCache; import org.apache.slider.server.services.security.CertificateManager; +import org.apache.slider.server.services.security.SecurityUtils; import org.apache.slider.server.services.utility.AbstractSliderLaunchedService; import org.apache.slider.server.services.utility.WebAppService; import org.apache.slider.server.services.workflow.ServiceThreadFactory; @@ -1630,6 +1631,9 @@ public class SliderAppMaster extends AbstractSliderLaunchedService " it may have been terminated/YARN shutdown in progress: {}", e, e); } catch (YarnException | IOException e) { log.info("Failed to unregister application: " + e, e); + } finally { + // cleanup security dir + SecurityUtils.cleanupSecurityDir(); } if (exception != null) { throw exception; http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/e3160090/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java ---------------------------------------------------------------------- diff --git a/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java b/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java index e82ad84..9d699ab 100644 --- a/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java +++ b/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java @@ -84,6 +84,7 @@ public class SecurityUtils { private static final String PASS_TOKEN = "pass:"; private static String keystorePass; private static String securityDir; + private static boolean keystoreLocationSpecified; public static void logOpenSslExitCode(String command, int exitCode) { if (exitCode == 0) { @@ -157,12 +158,13 @@ public class SecurityUtils { public static void initializeSecurityParameters(MapOperations configMap, boolean persistPassword) { - String keyStoreLocation = configMap.getOption( - SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, getDefaultKeystoreLocation()); + String keyStoreLocation = configMap + .getOption(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, null); if (keyStoreLocation == null) { - LOG.error(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION - + " is not specified. Unable to initialize security params."); - return; + keyStoreLocation = getDefaultKeystoreLocation(); + keystoreLocationSpecified = false; + } else { + keystoreLocationSpecified = true; } File secDirFile = new File(keyStoreLocation).getParentFile(); if (!secDirFile.exists()) { @@ -253,4 +255,12 @@ public class SecurityUtils { .append(SliderKeys.KEYSTORE_FILE_NAME).toString(); } + public static void cleanupSecurityDir() throws IOException { + if (!keystoreLocationSpecified && securityDir != null) { + File tmpSecDir = new File(securityDir).getParentFile(); + LOG.debug("Cleaning up AM created tmp security dir {}", + tmpSecDir.getAbsolutePath()); + FileUtils.deleteDirectory(tmpSecDir); + } + } } http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/e3160090/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java ---------------------------------------------------------------------- diff --git a/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java b/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java index b5d6a94..3328ae6 100644 --- a/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java +++ b/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java @@ -62,6 +62,7 @@ import java.io.File; import java.net.URI; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; public class TestAMAgentWebServices { @@ -208,7 +209,22 @@ public class TestAMAgentWebServices { // log.info("Agent is running at {}", base_url); // Thread.sleep(60 * 1000); // } - + + public static void testCleanupSecurityDir() throws Exception { + // Since initialization is done without setting ssl.server.keystore.location + // the security dir is created in temp file system + String securityDir = SecurityUtils.getSecurityDir(); + // validate that the folder exists + File securityDirFile = new File(securityDir); + assertTrue("securityDir " + securityDir + " should exist", + securityDirFile.exists()); + // call cleanup now and it should be gone + SecurityUtils.cleanupSecurityDir(); + // validate that the folder does not exist anymore + assertFalse("securityDir " + securityDir + " should have been deleted", + securityDirFile.exists()); + } + private Register createDummyJSONRegister() { Register register = new Register(); register.setResponseId(-1); @@ -227,7 +243,7 @@ public class TestAMAgentWebServices { @AfterClass public static void tearDownClass() throws Exception{ - FileUtils.deleteDirectory(new File(SecurityUtils.getSecurityDir())); + testCleanupSecurityDir(); // Path directory = Paths.get(SecurityUtils.getSecurityDir()); // Files.walkFileTree(directory, new SimpleFileVisitor<Path>() { // @Override