diff options
author | Valerij Fredriksen <freva@users.noreply.github.com> | 2018-10-15 13:45:00 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-15 13:45:00 +0200 |
commit | 841a023378da6a6f0cecbb5ad0c4ccdb69d95a4c (patch) | |
tree | 480e67a37d2c822cb7225a7f2e7d9557dde06049 | |
parent | 5504d4ddf0c5d4e1aa2ac966a25363bdb37bbae0 (diff) | |
parent | f7830f59a7fd6a27d42b6d440082b5e7256258ab (diff) |
Merge pull request #7311 from vespa-engine/freva/fix-yamas-permissions
NodeAdmin: Fix Yamas check permissions
2 files changed, 10 insertions, 0 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java index 85ec3712126..171e47d33c5 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.java @@ -22,6 +22,7 @@ import java.io.IOException; import java.io.InputStreamReader; import java.nio.file.Files; import java.nio.file.Path; +import java.nio.file.attribute.PosixFilePermissions; import java.time.Duration; import java.time.Instant; import java.time.ZoneOffset; @@ -41,6 +42,7 @@ import java.util.stream.Stream; import static com.yahoo.vespa.defaults.Defaults.getDefaults; import static com.yahoo.vespa.hosted.node.admin.task.util.file.FileFinder.nameMatches; import static com.yahoo.vespa.hosted.node.admin.task.util.file.FileFinder.olderThan; +import static com.yahoo.vespa.hosted.node.admin.task.util.file.IOExceptionUtil.ifExists; import static com.yahoo.vespa.hosted.node.admin.task.util.file.IOExceptionUtil.uncheck; /** @@ -137,6 +139,10 @@ public class StorageMaintainer { // Write config and restart yamas-agent Path yamasAgentFolder = context.pathOnHostFromPathInNode("/etc/yamas-agent"); + + // TODO: Remove after 6.301 + ifExists(() -> Files.setPosixFilePermissions(yamasAgentFolder, PosixFilePermissions.fromString("rw-r--r--"))); + configs.forEach(s -> uncheck(() -> s.writeTo(yamasAgentFolder))); dockerOperations.executeCommandInContainerAsRoot(context, "service", "yamas-agent", "restart"); } diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/util/SecretAgentCheckConfig.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/util/SecretAgentCheckConfig.java index 6e679af4449..c5db0e39009 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/util/SecretAgentCheckConfig.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/util/SecretAgentCheckConfig.java @@ -7,6 +7,7 @@ import com.yahoo.vespa.hosted.node.admin.task.util.file.FileWriter; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Path; +import java.nio.file.attribute.PosixFilePermissions; import java.util.LinkedHashMap; import java.util.Map; @@ -49,6 +50,9 @@ public class SecretAgentCheckConfig { Files.createDirectories(yamasAgentDirectory); Path scheduleFilePath = yamasAgentDirectory.resolve(id + ".yaml"); Files.write(scheduleFilePath, render().getBytes()); + + // TODO: Remove after 6.301 + Files.setPosixFilePermissions(scheduleFilePath, PosixFilePermissions.fromString("rw-r--r--")); } public FileWriter getFileWriterTo(Path destinationPath) { |