You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2016/09/09 12:32:51 UTC
ambari git commit: AMBARI-18347 - Setting fetch_nonlocal_groups to
false Can Prevent Services From Starting (jonathanhurley)
Repository: ambari
Updated Branches:
refs/heads/trunk cb45ef92a -> 2654247ff
AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2654247f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2654247f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2654247f
Branch: refs/heads/trunk
Commit: 2654247fff11c69d25cf01534d67a219922415ff
Parents: cb45ef9
Author: Jonathan Hurley <jh...@hortonworks.com>
Authored: Thu Sep 8 16:44:07 2016 -0400
Committer: Jonathan Hurley <jh...@hortonworks.com>
Committed: Fri Sep 9 08:32:37 2016 -0400
----------------------------------------------------------------------
.../resource_management/TestUserResource.py | 36 ++++++++++++++++++++
.../core/providers/accounts.py | 26 ++++++++------
2 files changed, 52 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/2654247f/ambari-agent/src/test/python/resource_management/TestUserResource.py
----------------------------------------------------------------------
diff --git a/ambari-agent/src/test/python/resource_management/TestUserResource.py b/ambari-agent/src/test/python/resource_management/TestUserResource.py
index da94521..97d992e 100644
--- a/ambari-agent/src/test/python/resource_management/TestUserResource.py
+++ b/ambari-agent/src/test/python/resource_management/TestUserResource.py
@@ -215,6 +215,42 @@ class TestUserResource(TestCase):
popen_mock.assert_called_with(['/bin/bash', '--login', '--noprofile', '-c', "ambari-sudo.sh PATH=/bin -H -E useradd -m mapred"], shell=False, preexec_fn=preexec_fn, stderr=-2, stdout=-1, env={'PATH': '/bin'}, cwd=None, close_fds=True)
self.assertEqual(popen_mock.call_count, 1)
+ @patch('__builtin__.open')
+ @patch("pwd.getpwnam")
+ def test_parsing_local_users(self, pwd_mock, open_mock):
+ """
+ Tests that parsing users out of /etc/groups can tolerate some bad lines
+ """
+ class MagicFile(object):
+ def read(self):
+ return """
+ group1:x:1:
+ group2:x:2:user1,user2
+ group3:x:3
+ invalid
+ """
+
+ def __exit__(self, exc_type, exc_val, exc_tb):
+ pass
+
+ def __enter__(self):
+ return self
+
+ pwd_mock.return_value = "user1"
+ open_mock.return_value = MagicFile()
+
+ from resource_management.core.providers.accounts import UserProvider
+
+ user = MagicMock()
+ provider = UserProvider(user)
+ provider.resource.username = "user1"
+ provider.resource.fetch_nonlocal_groups = False
+ groups = provider.user_groups
+
+ self.assertEquals(1, len(groups))
+ self.assertTrue("group2" in groups)
+
+
def _get_user_entity():
user = MagicMock()
user.pw_name='mapred'
http://git-wip-us.apache.org/repos/asf/ambari/blob/2654247f/ambari-common/src/main/python/resource_management/core/providers/accounts.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/core/providers/accounts.py b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
index 5169b12..c4f2496 100644
--- a/ambari-common/src/main/python/resource_management/core/providers/accounts.py
+++ b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
@@ -98,19 +98,25 @@ class UserProvider(Provider):
def user_groups(self):
if self.resource.fetch_nonlocal_groups:
return [g.gr_name for g in grp.getgrall() if self.resource.username in g.gr_mem]
- else:
- with open('/etc/group', 'rb') as fp:
- content = fp.read()
-
- groups = []
- for line in content.splitlines():
- entries = line.split(':')
- group_name = entries[0]
+
+ with open('/etc/group', 'rb') as fp:
+ content = fp.read()
+
+ # Each line should have 4 parts, even with no members (trailing colon)
+ # group-name:group-password:group-id:
+ # group-name:group-password:group-id:group-members
+ groups = []
+ for line in content.splitlines():
+ entries = line.split(':')
+
+ # attempt to parse the users in the group only if there are 4 parts
+ if(len(entries) >= 4):
+ group_name = entries[0].strip()
group_users = entries[3].split(',')
if self.user in group_users:
groups.append(group_name)
-
- return groups
+
+ return groups
class GroupProvider(Provider):
options = dict(