You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by km...@apache.org on 2012/01/27 22:16:22 UTC
svn commit: r1236887 - in /db/derby/code/trunk: ./
java/engine/org/apache/derby/impl/services/daemon/
java/testing/org/apache/derbyTesting/functionTests/tests/store/
java/testing/org/apache/derbyTesting/junit/
Author: kmarsden
Date: Fri Jan 27 21:16:21 2012
New Revision: 1236887
URL: http://svn.apache.org/viewvc?rev=1236887&view=rev
Log:
DERBY-5582 Access denied (java.lang.RuntimePermission modifyThreadGroup) in IndexStatisticsDaemonImpl.schedule()
Put index-stat thread in derby daemon group.
Added:
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java (with props)
Modified:
db/derby/code/trunk/ (props changed)
db/derby/code/trunk/java/engine/org/apache/derby/impl/services/daemon/IndexStatisticsDaemonImpl.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/AutomaticIndexStatisticsTest.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/_Suite.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/SecurityManagerSetup.java
Propchange: db/derby/code/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Jan 27 21:16:21 2012
@@ -1,3 +1,3 @@
/db/derby/code/branches/10.7:1061570,1061578,1082235
-/db/derby/code/branches/10.8:1177474
+/db/derby/code/branches/10.8:1177474,1234973
/db/derby/code/trunk:1063809
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/services/daemon/IndexStatisticsDaemonImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/services/daemon/IndexStatisticsDaemonImpl.java?rev=1236887&r1=1236886&r2=1236887&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/services/daemon/IndexStatisticsDaemonImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/services/daemon/IndexStatisticsDaemonImpl.java Fri Jan 27 21:16:21 2012
@@ -39,6 +39,7 @@ import org.apache.derby.iapi.services.pr
import org.apache.derby.iapi.services.sanity.SanityManager;
import org.apache.derby.iapi.services.stream.HeaderPrintWriter;
import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.iapi.services.monitor.Monitor;
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.depend.DependencyManager;
import org.apache.derby.iapi.sql.dictionary.ConglomerateDescriptor;
@@ -247,10 +248,9 @@ public class IndexStatisticsDaemonImpl
" (queueSize=" + queue.size() + ")");
// If we're idle, fire off the worker thread.
if (runningThread == null) {
- runningThread = new Thread(this, "index-stat-thread");
- // Make the thread a daemon thread, we don't want it to stop
- // the JVM from exiting. This is a precaution.
- runningThread.setDaemon(true);
+ //DERBY-5582. Make sure the thread is in the derby group
+ // to avoid potential security manager issues
+ runningThread = Monitor.getMonitor().getDaemonThread(this, "index-stat-thread", false);
runningThread.start();
}
}
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/AutomaticIndexStatisticsTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/AutomaticIndexStatisticsTest.java?rev=1236887&r1=1236886&r2=1236887&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/AutomaticIndexStatisticsTest.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/AutomaticIndexStatisticsTest.java Fri Jan 27 21:16:21 2012
@@ -57,7 +57,8 @@ import org.apache.derbyTesting.junit.Uti
public class AutomaticIndexStatisticsTest
extends BaseJDBCTestCase {
- private static final String MASTERDB = "masterDb";
+ // used also by Derby5582AutomaticIndexStatisticsTest so just protected
+ protected static final String MASTERDB = "masterDb";
private static final String BIG_TABLE = "BIG_TABLE";
private static final long DEFAULT_TIMEOUT = 20*1000;
Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java?rev=1236887&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java (added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java Fri Jan 27 21:16:21 2012
@@ -0,0 +1,123 @@
+/*
+
+ Derby - Class org.apache.derbyTesting.functionTests.tests.store.Derby5582AutomaticIndexStatisticsTest
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to you under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ */
+package org.apache.derbyTesting.functionTests.tests.store;
+
+import java.sql.SQLException;
+import java.util.ArrayList;
+
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.apache.derbyTesting.junit.SecurityManagerSetup;
+import org.apache.derbyTesting.junit.TestConfiguration;
+
+public class Derby5582AutomaticIndexStatisticsTest extends AutomaticIndexStatisticsTest {
+
+ // private thread group. Derby5582SecurityManager will prevent other threads from
+ // modifying this thread group.
+ private static final String PRIVTGNAME = "privtg";
+
+ public Derby5582AutomaticIndexStatisticsTest(String name) {
+ super(name);
+
+ }
+
+ /**
+ * DERBY-5582 Ensure automatic statistics update thread can be created in the
+ * context of a SecurityManager that disallows modification of the parent
+ * thread thread group.
+ *
+ * @throws InterruptedException
+ */
+ public void testDerby5582() throws InterruptedException {
+ //Create a new thread belonging to the thread group protected by
+ // the custom SecurityManger
+ ThreadGroup privtg = new ThreadGroup(PRIVTGNAME);
+ // Derby5582Runner will run a automatic statistics test within
+ // the context of the "privtg" ThreadGroup
+ Derby5582Runner runner = new Derby5582Runner();
+ Thread t = new Thread(privtg, runner, "runner-thread");
+ t.start();
+ t.join();
+ // Report error if any during run
+ Exception error = runner.getSavedError();
+ if (error != null) {
+ fail(error.getMessage(),error);
+ }
+
+ }
+
+
+
+ public static Test suite() {
+ // Run just the one fixture with the custom SecurityManager
+ Test t = new Derby5582AutomaticIndexStatisticsTest("testDerby5582");
+ Derby5582SecurityManager sm = new Derby5582SecurityManager();
+ return TestConfiguration.additionalDatabaseDecorator(new SecurityManagerSetup(t, null,
+ sm),MASTERDB);
+ }
+
+ /**
+ * SecurityManager which prevents modification of thread group privtg
+ *
+ */
+ public static class Derby5582SecurityManager extends SecurityManager {
+
+ public void checkAccess(ThreadGroup tg) {
+ ThreadGroup currentGroup = Thread.currentThread().getThreadGroup();
+ if (tg.getName().equals(PRIVTGNAME) &&
+ !currentGroup.getName().equals("main")) {
+ throw new SecurityException("No permission to private ThreadGroup privtg");
+
+ }
+ super.checkAccess(tg);
+ }
+ }
+
+ /**
+ * Runnable to run testSTatsUpdatedOnGrowthFixture from
+ * AutomaticStatisticsTest. Needs to be run in a separate thread
+ * with disallowed ThreadGroup modification
+ *
+ */
+ public class Derby5582Runner implements Runnable {
+
+ // error saved from run so it can be reported in
+ // fixture as failure.
+ private Exception savedError = null;
+
+ public void run() {
+ try {
+ testStatsUpdatedOnGrowth();
+ } catch (SQLException sqle) {
+ savedError = sqle;
+ }
+ }
+
+ /**
+ * @return saved Error
+ */
+ public Exception getSavedError() {
+ return savedError;
+ }
+
+ }
+}
Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby5582AutomaticIndexStatisticsTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/_Suite.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/_Suite.java?rev=1236887&r1=1236886&r2=1236887&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/_Suite.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/_Suite.java Fri Jan 27 21:16:21 2012
@@ -71,6 +71,7 @@ public class _Suite extends BaseTestCase
suite.addTest(HoldCursorJDBC30Test.suite());
suite.addTest(AccessTest.suite());
suite.addTest(AutomaticIndexStatisticsTest.suite());
+ suite.addTest(Derby5582AutomaticIndexStatisticsTest.suite());
suite.addTest(AutomaticIndexStatisticsMultiTest.suite());
suite.addTest(BTreeMaxScanTest.suite());
suite.addTest(MadhareTest.suite());
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/SecurityManagerSetup.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/SecurityManagerSetup.java?rev=1236887&r1=1236886&r2=1236887&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/SecurityManagerSetup.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/SecurityManagerSetup.java Fri Jan 27 21:16:21 2012
@@ -70,10 +70,28 @@ public final class SecurityManagerSetup
}
private final String decoratorPolicyResource;
- public SecurityManagerSetup(Test test, String policyResource)
+ private SecurityManager decoratorSecurityManager = null;
+
+ public SecurityManagerSetup(Test test, String policyResource)
+ {
+ super(test);
+ this.decoratorPolicyResource = policyResource != null ?
+ policyResource : getDefaultPolicy();
+ }
+
+ /**
+ * Use custom policy and SecurityManager
+ *
+ * @param test - Test to wrap
+ * @param policyResource - policy resource. If null use default testing policy
+ * @param securityManager - Custom SecurityManager if null use the system security manager
+ */
+ public SecurityManagerSetup(Test test, String policyResource, SecurityManager securityManager)
{
super(test);
- this.decoratorPolicyResource = policyResource;
+ this.decoratorPolicyResource = policyResource != null ?
+ policyResource : getDefaultPolicy();
+ this.decoratorSecurityManager = securityManager;
}
/**
@@ -113,7 +131,7 @@ public final class SecurityManagerSetup
* including the special case of no security manager.
*/
protected void setUp() {
- installSecurityManager(decoratorPolicyResource);
+ installSecurityManager(decoratorPolicyResource, decoratorSecurityManager);
}
protected void tearDown() throws Exception
@@ -144,28 +162,34 @@ public final class SecurityManagerSetup
{
installSecurityManager( getDefaultPolicy() );
}
-
- private static void installSecurityManager(String policyFile)
- {
+ private static void installSecurityManager(String policyFile) {
+ installSecurityManager(policyFile, System.getSecurityManager());
+ }
+
+ private static void installSecurityManager(String policyFile, final SecurityManager sm)
+ {
+
if (externalSecurityManagerInstalled)
return;
Properties set = new Properties(classPathSet);
setSecurityPolicy(set, policyFile);
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
+ SecurityManager currentsm = System.getSecurityManager();
+ if (currentsm != null) {
// SecurityManager installed, see if it has the same settings.
String newPolicyProperty = set.getProperty("java.security.policy" );
if ( newPolicyProperty == null ) { newPolicyProperty = ""; }
String oldPolicyProperty = BaseTestCase.getSystemProperty("java.security.policy");
+ SecurityManager oldSecMan = System.getSecurityManager();
if ( oldPolicyProperty == null ) { oldPolicyProperty = ""; }
- if ( newPolicyProperty.equals( oldPolicyProperty ) ) { return; }
+ if ( newPolicyProperty.equals( oldPolicyProperty ) &&
+ oldSecMan == sm) { return; }
// Uninstall the current manager.
uninstallSecurityManager();
@@ -186,8 +210,10 @@ public final class SecurityManagerSetup
public Object run() {
- SecurityManager sm = new SecurityManager();
- System.setSecurityManager(sm);
+ if (sm == null)
+ System.setSecurityManager(new SecurityManager());
+ else
+ System.setSecurityManager(sm);
Policy.getPolicy().refresh();
return null;
}