From 603f360995dd99b817599075da627c7e0a70cf97 Mon Sep 17 00:00:00 2001 From: Valerij Fredriksen Date: Tue, 26 Apr 2022 17:34:00 +0200 Subject: Do not make coredump operator group readable --- .../node/admin/maintenance/coredump/CoredumpHandler.java | 10 +++------- .../node/admin/maintenance/coredump/CoredumpHandlerTest.java | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java index 8d4e487ed6c..2271991fa15 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandler.java @@ -55,7 +55,6 @@ public class CoredumpHandler { private final CoredumpReporter coredumpReporter; private final String crashPatchInContainer; private final Path doneCoredumpsPath; - private final int operatorGroupId; private final Metrics metrics; private final Clock clock; private final Supplier coredumpIdSupplier; @@ -63,23 +62,21 @@ public class CoredumpHandler { /** * @param crashPathInContainer path inside the container where core dump are dumped * @param doneCoredumpsPath path on host where processed core dumps are stored - * @param operatorGroupId group ID of the group that will be set as the owner of the processed coredump */ public CoredumpHandler(Terminal terminal, CoreCollector coreCollector, CoredumpReporter coredumpReporter, - String crashPathInContainer, Path doneCoredumpsPath, int operatorGroupId, Metrics metrics) { + String crashPathInContainer, Path doneCoredumpsPath, Metrics metrics) { this(terminal, coreCollector, coredumpReporter, crashPathInContainer, doneCoredumpsPath, - operatorGroupId, metrics, Clock.systemUTC(), () -> UUID.randomUUID().toString()); + metrics, Clock.systemUTC(), () -> UUID.randomUUID().toString()); } CoredumpHandler(Terminal terminal, CoreCollector coreCollector, CoredumpReporter coredumpReporter, - String crashPathInContainer, Path doneCoredumpsPath, int operatorGroupId, Metrics metrics, + String crashPathInContainer, Path doneCoredumpsPath, Metrics metrics, Clock clock, Supplier coredumpIdSupplier) { this.terminal = terminal; this.coreCollector = coreCollector; this.coredumpReporter = coredumpReporter; this.crashPatchInContainer = crashPathInContainer; this.doneCoredumpsPath = doneCoredumpsPath; - this.operatorGroupId = operatorGroupId; this.metrics = metrics; this.clock = clock; this.coredumpIdSupplier = coredumpIdSupplier; @@ -199,7 +196,6 @@ public class CoredumpHandler { .add(LZ4_PATH, "-f", coreFile.pathOnHost().toString(), compressedCoreFile.pathOnHost().toString()) .setTimeout(Duration.ofMinutes(30)) .execute(); - new UnixPath(compressedCoreFile.pathOnHost()).setGroupId(operatorGroupId).setPermissions("rw-r-----"); Files.delete(coreFile); Path newCoredumpDirectory = doneCoredumpsPath.resolve(context.containerName().asString()); diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java index 5371d69ecda..8f671910f93 100644 --- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java +++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java @@ -59,7 +59,7 @@ public class CoredumpHandlerTest { @SuppressWarnings("unchecked") private final Supplier coredumpIdSupplier = mock(Supplier.class); private final CoredumpHandler coredumpHandler = new CoredumpHandler(terminal, coreCollector, coredumpReporter, - containerCrashPath.pathInContainer(), doneCoredumpsPath, 100, metrics, clock, coredumpIdSupplier); + containerCrashPath.pathInContainer(), doneCoredumpsPath, metrics, clock, coredumpIdSupplier); @Test -- cgit v1.2.3