[Enhancement] Improve kerberos tmp keytab file permission (#40572)

Signed-off-by: wyb <wybb86@gmail.com>
wyb 2024-02-04 10:36:05 +08:00 committed by GitHub
parent bc9753b353
commit 4b47b42c12
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions


@ -36,6 +36,7 @@
package com.starrocks.broker.hdfs;
import com.google.common.collect.Sets;
import com.starrocks.common.WildcardURI;
import com.starrocks.thrift.TBrokerFD;
import com.starrocks.thrift.TBrokerFileStatus;
@ -63,6 +64,8 @@ import java.net.InetAddress;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.file.Files;
import java.nio.file.attribute.PosixFilePermission;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedExceptionAction;
@ -361,6 +364,12 @@ public class FileSystemManager {
Random random = new Random(currentTime);
int randNumber = random.nextInt(10000);
tmpFilePath = "/tmp/." + Long.toString(currentTime) + "_" + Integer.toString(randNumber);
File tmpFile = new File(tmpFilePath);
if (!tmpFile.exists() && !tmpFile.createNewFile()) {
throw new BrokerException(TBrokerOperationStatusCode.NOT_AUTHORIZED, "create tmp file failed");
}
Files.setPosixFilePermissions(tmpFile.toPath(),
Sets.newHashSet(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE));
FileOutputStream fileOutputStream = new FileOutputStream(tmpFilePath);
fileOutputStream.write(base64decodedBytes);
fileOutputStream.close();
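Review bot: The keytab file is still created with default, umask-derived permissions and only narrowed afterwards by `Files.setPosixFilePermissions`, and the `!tmpFile.exists() &&` guard lets the code carry on when something already exists at that path in the shared `/tmp` directory. The name is built from `currentTime` plus a `Random` seeded with that same value, so it is predictable, and a pre-existing file or symlink at that path could be reused and then receive the decoded keytab bytes. Creating the file atomically with its final mode closes both gaps, since it always makes a new, unpredictably named file and never exposes a wider mode: `tmpFilePath = Files.createTempFile("keytab", ".tmp", PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------"))).toString();`. The write that follows would also be safer in try-with-resources, so the stream is closed if `write` throws. The enclosing method starts and ends outside this hunk, so later use and cleanup of `tmpFilePath` could not be checked.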