You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2016/09/09 12:32:51 UTC

ambari git commit: AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley)

Repository: ambari
Updated Branches:
  refs/heads/trunk cb45ef92a -> 2654247ff


AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2654247f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2654247f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2654247f

Branch: refs/heads/trunk
Commit: 2654247fff11c69d25cf01534d67a219922415ff
Parents: cb45ef9
Author: Jonathan Hurley <jh...@hortonworks.com>
Authored: Thu Sep 8 16:44:07 2016 -0400
Committer: Jonathan Hurley <jh...@hortonworks.com>
Committed: Fri Sep 9 08:32:37 2016 -0400

----------------------------------------------------------------------
 .../resource_management/TestUserResource.py     | 36 ++++++++++++++++++++
 .../core/providers/accounts.py                  | 26 ++++++++------
 2 files changed, 52 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/2654247f/ambari-agent/src/test/python/resource_management/TestUserResource.py
----------------------------------------------------------------------
diff --git a/ambari-agent/src/test/python/resource_management/TestUserResource.py b/ambari-agent/src/test/python/resource_management/TestUserResource.py
index da94521..97d992e 100644
--- a/ambari-agent/src/test/python/resource_management/TestUserResource.py
+++ b/ambari-agent/src/test/python/resource_management/TestUserResource.py
@@ -215,6 +215,42 @@ class TestUserResource(TestCase):
     popen_mock.assert_called_with(['/bin/bash', '--login', '--noprofile', '-c', "ambari-sudo.sh  PATH=/bin -H -E useradd -m mapred"], shell=False, preexec_fn=preexec_fn, stderr=-2, stdout=-1, env={'PATH': '/bin'}, cwd=None, close_fds=True)
     self.assertEqual(popen_mock.call_count, 1)
 
+  @patch('__builtin__.open')
+  @patch("pwd.getpwnam")
+  def test_parsing_local_users(self, pwd_mock, open_mock):
+    """
+    Tests that parsing users out of /etc/groups can tolerate some bad lines
+    """
+    class MagicFile(object):
+      def read(self):
+        return  """
+          group1:x:1:
+          group2:x:2:user1,user2
+          group3:x:3
+          invalid
+        """
+
+      def __exit__(self, exc_type, exc_val, exc_tb):
+        pass
+
+      def __enter__(self):
+        return self
+
+    pwd_mock.return_value = "user1"
+    open_mock.return_value = MagicFile()
+
+    from resource_management.core.providers.accounts import UserProvider
+
+    user = MagicMock()
+    provider = UserProvider(user)
+    provider.resource.username = "user1"
+    provider.resource.fetch_nonlocal_groups = False
+    groups = provider.user_groups
+
+    self.assertEquals(1, len(groups))
+    self.assertTrue("group2" in groups)
+
+
 def _get_user_entity():
   user = MagicMock()
   user.pw_name='mapred'

http://git-wip-us.apache.org/repos/asf/ambari/blob/2654247f/ambari-common/src/main/python/resource_management/core/providers/accounts.py
----------------------------------------------------------------------
diff --git a/ambari-common/src/main/python/resource_management/core/providers/accounts.py b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
index 5169b12..c4f2496 100644
--- a/ambari-common/src/main/python/resource_management/core/providers/accounts.py
+++ b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
@@ -98,19 +98,25 @@ class UserProvider(Provider):
   def user_groups(self):
     if self.resource.fetch_nonlocal_groups:
       return [g.gr_name for g in grp.getgrall() if self.resource.username in g.gr_mem]
-    else:
-      with open('/etc/group', 'rb') as fp:
-        content = fp.read()
-      
-      groups = []
-      for line in content.splitlines():
-        entries = line.split(':')
-        group_name = entries[0]
+
+    with open('/etc/group', 'rb') as fp:
+      content = fp.read()
+
+    # Each line should have 4 parts, even with no members (trailing colon)
+    # group-name:group-password:group-id:
+    # group-name:group-password:group-id:group-members
+    groups = []
+    for line in content.splitlines():
+      entries = line.split(':')
+
+      # attempt to parse the users in the group only if there are 4 parts
+      if(len(entries) >= 4):
+        group_name = entries[0].strip()
         group_users = entries[3].split(',')
         if self.user in group_users:
           groups.append(group_name)
-          
-      return groups
+
+    return groups
 
 class GroupProvider(Provider):
   options = dict(