From ff84a6bf7ac9ef73576d9cd202a51a36c755e515 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Wed, 22 Apr 2009 17:50:13 +0000
Subject: [PATCH] Fix issue 3047: export-ldif : default access rights of exported file must be 600 not 644
---
opendj-sdk/opends/src/messages/messages/utility.properties | 2 +
opendj-sdk/opends/src/server/org/opends/server/types/LDIFExportConfig.java | 86 +++++++++++++++++++++++++++++++------------
2 files changed, 64 insertions(+), 24 deletions(-)
diff --git a/opendj-sdk/opends/src/messages/messages/utility.properties b/opendj-sdk/opends/src/messages/messages/utility.properties
index 741c78e..695cfd3 100644
--- a/opendj-sdk/opends/src/messages/messages/utility.properties
+++ b/opendj-sdk/opends/src/messages/messages/utility.properties
@@ -616,3 +616,5 @@
SEVERE_ERR_CERTMGR_CERT_SIGN_REQ_NOT_SUPPORTED_298=Certificate signing \
request generation is not supported on JVM supplied by this vendor: %s
INFO_ARGPARSER_USAGE_DEFAULT_VALUE_299=Default value: %s
+SEVERE_WARN_EXPORT_LDIF_SET_PERMISSION_FAILED_300=An error occurred while \
+ setting file permissions for the LDIF file %s: %s
diff --git a/opendj-sdk/opends/src/server/org/opends/server/types/LDIFExportConfig.java b/opendj-sdk/opends/src/server/org/opends/server/types/LDIFExportConfig.java
index 6e74dba..f3a451f 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/types/LDIFExportConfig.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/types/LDIFExportConfig.java
@@ -22,12 +22,12 @@
* CDDL HEADER END
*
*
- * Copyright 2006-2008 Sun Microsystems, Inc.
+ * Copyright 2006-2009 Sun Microsystems, Inc.
*/
package org.opends.server.types;
-import org.opends.messages.Message;
-
-
+import static org.opends.messages.UtilityMessages.*;
+import static org.opends.server.loggers.debug.DebugLogger.*;
+import static org.opends.server.util.StaticUtils.*;
import java.io.BufferedWriter;
import java.io.File;
@@ -41,9 +41,8 @@
import java.util.Set;
import java.util.zip.GZIPOutputStream;
-import static org.opends.server.loggers.debug.DebugLogger.*;
+import org.opends.messages.Message;
import org.opends.server.loggers.debug.DebugTracer;
-import static org.opends.messages.UtilityMessages.*;
@@ -225,26 +224,65 @@
{
if (ldifOutputStream == null)
{
+ File f = new File(ldifFile);
+ boolean mustSetPermissions = false;
+
switch (existingFileBehavior)
{
- case APPEND:
- ldifOutputStream = new FileOutputStream(ldifFile, true);
- break;
- case OVERWRITE:
- ldifOutputStream = new FileOutputStream(ldifFile, false);
- break;
- case FAIL:
- File f = new File(ldifFile);
- if (f.exists())
- {
- Message message = ERR_LDIF_FILE_EXISTS.get(ldifFile);
- throw new IOException(message.toString());
- }
- else
- {
- ldifOutputStream = new FileOutputStream(ldifFile);
- }
- break;
+ case APPEND:
+ // Create new file if it doesn't exist ensuring that we can
+ // set its permissions.
+ if (!f.exists())
+ {
+ f.createNewFile();
+ mustSetPermissions = true;
+ }
+ ldifOutputStream = new FileOutputStream(ldifFile, true);
+ break;
+ case OVERWRITE:
+ // Create new file if it doesn't exist ensuring that we can
+ // set its permissions.
+ if (!f.exists())
+ {
+ f.createNewFile();
+ mustSetPermissions = true;
+ }
+ ldifOutputStream = new FileOutputStream(ldifFile, false);
+ break;
+ case FAIL:
+ if (f.exists())
+ {
+ Message message = ERR_LDIF_FILE_EXISTS.get(ldifFile);
+ throw new IOException(message.toString());
+ }
+ else
+ {
+ // Create new file ensuring that we can set its
+ // permissions.
+ f.createNewFile();
+ mustSetPermissions = true;
+ ldifOutputStream = new FileOutputStream(ldifFile);
+ }
+ break;
+ }
+
+ if (mustSetPermissions)
+ {
+ try
+ {
+ // Ignore
+ FilePermission.setPermissions(f,
+ new FilePermission(0600));
+ }
+ catch (Exception e)
+ {
+ // The file could not be created with the correct
+ // permissions.
+ Message message =
+ WARN_EXPORT_LDIF_SET_PERMISSION_FAILED.get(f.toString(),
+ stackTraceToSingleLineString(e));
+ throw new IOException(message.toString());
+ }
}
}
--
Gitblit v1.10.0