Skip to content

Add doPrivilege blocks for socket connect ops in repository-hdfs#22793

Merged
Tim-Brooks merged 8 commits intoelastic:masterfrom
Tim-Brooks:fix_hdfs
Jan 27, 2017
Merged

Add doPrivilege blocks for socket connect ops in repository-hdfs#22793
Tim-Brooks merged 8 commits intoelastic:masterfrom
Tim-Brooks:fix_hdfs

Conversation

@Tim-Brooks
Copy link
Copy Markdown
Contributor

@Tim-Brooks Tim-Brooks commented Jan 25, 2017

This is related to #22116. The repository-hdfs plugin opens socket
connections. As SocketPermission is transitioned out of core, hdfs
will require connect permission. This pull request wraps operations
that require this permission in doPrivileged blocks.

@Tim-Brooks
Copy link
Copy Markdown
Contributor Author

Tim-Brooks commented Jan 25, 2017
edited
Loading

In hdfs we are calling doPrivileged and explicitly defining the permissions. I was not sure if there was a reason we were doing this differently, so I left it as is and just added new SocketPermission("*", "connect").

@rjernst
Copy link
Copy Markdown
Member

rjernst commented Jan 25, 2017

In hdfs we are calling doPrivileged and explicitly defining the permissions

We do this to limit what craziness hdfs can do (and know exactly what it requires).

rjernst
rjernst approved these changes Jan 25, 2017
View reviewed changes
Copy link
Copy Markdown
Member

@rjernst rjernst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Tim-Brooks Tim-Brooks mentioned this pull request Jan 26, 2017
Merged
s1monw
s1monw reviewed Jan 27, 2017
View reviewed changes
Copy link
Copy Markdown
Contributor

@s1monw s1monw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left one comment looks great so far

...ins/repository-hdfs/src/main/java/org/elasticsearch/repositories/hdfs/HdfsBlobContainer.java Outdated
try {
SpecialPermission.check();
// FSDataInputStream can open connection on read()
return AccessController.doPrivileged((PrivilegedExceptionAction<Integer>) is::read);
Copy link
Copy Markdown
Contributor

@s1monw s1monw Jan 27, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we maybe try to trigger this differently? I mean can we for instance try to call #available() or can we maybe read the first byte on open and wrap in a BufferedInputStream and then do this:

InputStream stream = is.isMarkSupported() ? is : new BufferedInputStream(is);
// do the following in doPrivileged?
stream.mark(1);
stream.skip(1);
stream.reset();
return stream;

@Tim-Brooks
Copy link
Copy Markdown
Contributor Author

Tim-Brooks commented Jan 27, 2017

@s1monw In my testing available() was not doing the trick. So I went with the buffered, mark, skip, reset approach.

s1monw
s1monw suggested changes Jan 27, 2017
View reviewed changes
Copy link
Copy Markdown
Contributor

@s1monw s1monw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left one more comment we are close I think

...ins/repository-hdfs/src/main/java/org/elasticsearch/repositories/hdfs/HdfsBlobContainer.java Outdated
}
}
};
InputStream stream = is.markSupported() ? is : new BufferedInputStream(is);
Copy link
Copy Markdown
Contributor

@s1monw s1monw Jan 27, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we run into an exception here we have to close the stream.

we usually do this:

boolean success = false;
try {
 // do something with the stream
  success = true;
  return stream;
} finally {
  if (success == false) {
    IOUtils.closeWhileHandlingException(stream);
  }
}

@Tim-Brooks
Copy link
Copy Markdown
Contributor Author

Tim-Brooks commented Jan 27, 2017

Note to other reviews:

Simon and I talked about this for a while and decided it was safest to return a InputStream implementation that wraps all of the methods.

s1monw
s1monw approved these changes Jan 27, 2017
View reviewed changes
Copy link
Copy Markdown
Contributor

@s1monw s1monw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Tim-Brooks Tim-Brooks merged commit eb4562d into elastic:master Jan 27, 2017
@Tim-Brooks Tim-Brooks deleted the fix_hdfs branch January 27, 2017 21:01
@jbaiera jbaiera mentioned this pull request Sep 7, 2017
Closed
jbaiera pushed a commit to jbaiera/elasticsearch that referenced this pull request Sep 19, 2017
@Tim-Brooks @jbaiera
Backport "Add doPrivilege blocks for socket connect ops in repository…
56901ff 
…-hdfs (elastic#22793)"

Only pulled the relevant changes - such as the Priveleged input stream implementation for HDFS.
@jbaiera jbaiera mentioned this pull request Sep 19, 2017
Merged
@clintongormley clintongormley added :Distributed/Snapshot/Restore Anything directly related to the `_snapshot/*` APIs and removed :Plugin Repository HDFS labels Feb 14, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rjernst rjernst rjernst approved these changes

@jasontedor jasontedor Awaiting requested review from jasontedor

+1 more reviewer

@s1monw s1monw s1monw approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

:Distributed/Snapshot/Restore Anything directly related to the `_snapshot/*` APIs >enhancement v6.0.0-alpha1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Tim-Brooks @rjernst @s1monw @clintongormley