diff options
Diffstat (limited to 'node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImpl.java | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImpl.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImpl.java index 61e777a9576..75977da369c 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImpl.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImpl.java @@ -27,6 +27,9 @@ import com.yahoo.vespa.hosted.node.admin.maintenance.acl.AclMaintainer; import com.yahoo.vespa.hosted.node.admin.maintenance.identity.CredentialsMaintainer; import com.yahoo.vespa.hosted.node.admin.maintenance.servicedump.VespaServiceDumper; import com.yahoo.vespa.hosted.node.admin.nodeadmin.ConvergenceException; +import com.yahoo.vespa.hosted.node.admin.task.util.file.FileFinder; +import com.yahoo.vespa.hosted.node.admin.task.util.file.UnixPath; +import com.yahoo.vespa.hosted.node.admin.task.util.fs.ContainerPath; import java.time.Clock; import java.time.Duration; @@ -137,6 +140,31 @@ public class NodeAgentImpl implements NodeAgent { if (loopThread != null) throw new IllegalStateException("Can not re-start a node agent."); + // TODO: Remove after this has rolled out everywhere + int[] stats = new int[]{0, 0, 0}; + ContainerPath vespaHome = initialContext.paths().underVespaHome(""); + FileFinder.files(initialContext.paths().of("/")).forEachPath(path -> { + UnixPath unixPath = new UnixPath(path); + + String permissions = unixPath.getPermissions(); + if (!permissions.endsWith("---")) { + unixPath.setPermissions(permissions.substring(0, 6) + "---"); + stats[0]++; + } + + if (path.startsWith(vespaHome) && unixPath.getOwnerId() != initialContext.users().vespa().uid()) { + unixPath.setOwnerId(initialContext.users().vespa().uid()); + stats[1]++; + } + + if (path.startsWith(vespaHome) && unixPath.getGroupId() != initialContext.users().vespa().gid()) { + unixPath.setGroupId(initialContext.users().vespa().gid()); + stats[2]++; + } + }); + if (stats[0] + stats[1] + stats[2] > 0) + initialContext.log(logger, "chmod %d, chown UID %d, chown GID %d files", stats[0], stats[1], stats[2]); + loopThread = new Thread(() -> { while (!terminated.get()) { try { |