ambari git commit: AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley)

jonathanhurley Fri, 09 Sep 2016 13:16:26 -0700

Repository: ambari
Updated Branches:
  refs/heads/branch-2.5 7aff03f59 -> 53a1dc2cf



AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From 
Starting (jonathanhurley)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/53a1dc2c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/53a1dc2c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/53a1dc2c

Branch: refs/heads/branch-2.5
Commit: 53a1dc2cf0c489ac8e05235e747f6f7686bb087e
Parents: 7aff03f
Author: Jonathan Hurley <jhur...@hortonworks.com>
Authored: Thu Sep 8 16:44:07 2016 -0400
Committer: Jonathan Hurley <jhur...@hortonworks.com>
Committed: Fri Sep 9 16:12:58 2016 -0400

----------------------------------------------------------------------
 .../resource_management/TestUserResource.py     | 36 ++++++++++++++++++++
 .../core/providers/accounts.py                  | 26 ++++++++------
 2 files changed, 52 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/53a1dc2c/ambari-agent/src/test/python/resource_management/TestUserResource.py
----------------------------------------------------------------------
diff --git 
a/ambari-agent/src/test/python/resource_management/TestUserResource.py 
b/ambari-agent/src/test/python/resource_management/TestUserResource.py
index 2a97676..4bba469 100644
--- a/ambari-agent/src/test/python/resource_management/TestUserResource.py
+++ b/ambari-agent/src/test/python/resource_management/TestUserResource.py
@@ -214,6 +214,42 @@ class TestUserResource(TestCase):
     popen_mock.assert_called_with(['/bin/bash', '--login', '--noprofile', 
'-c', "ambari-sudo.sh  PATH=/bin -H -E useradd -m mapred"], shell=False, 
preexec_fn=None, stderr=-2, stdout=-1, env={'PATH': '/bin'}, cwd=None, 
close_fds=True)
     self.assertEqual(popen_mock.call_count, 1)
 
+  @patch('__builtin__.open')
+  @patch("pwd.getpwnam")
+  def test_parsing_local_users(self, pwd_mock, open_mock):
+    """
+    Tests that parsing users out of /etc/groups can tolerate some bad lines
+    """
+    class MagicFile(object):
+      def read(self):
+        return  """
+          group1:x:1:
+          group2:x:2:user1,user2
+          group3:x:3
+          invalid
+        """
+
+      def __exit__(self, exc_type, exc_val, exc_tb):
+        pass
+
+      def __enter__(self):
+        return self
+
+    pwd_mock.return_value = "user1"
+    open_mock.return_value = MagicFile()
+
+    from resource_management.core.providers.accounts import UserProvider
+
+    user = MagicMock()
+    provider = UserProvider(user)
+    provider.resource.username = "user1"
+    provider.resource.fetch_nonlocal_groups = False
+    groups = provider.user_groups
+
+    self.assertEquals(1, len(groups))
+    self.assertTrue("group2" in groups)
+
+
 def _get_user_entity():
   user = MagicMock()
   user.pw_name='mapred'

http://git-wip-us.apache.org/repos/asf/ambari/blob/53a1dc2c/ambari-common/src/main/python/resource_management/core/providers/accounts.py
----------------------------------------------------------------------
diff --git 
a/ambari-common/src/main/python/resource_management/core/providers/accounts.py 
b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
index 5169b12..c4f2496 100644
--- 
a/ambari-common/src/main/python/resource_management/core/providers/accounts.py
+++ 
b/ambari-common/src/main/python/resource_management/core/providers/accounts.py
@@ -98,19 +98,25 @@ class UserProvider(Provider):
   def user_groups(self):
     if self.resource.fetch_nonlocal_groups:
       return [g.gr_name for g in grp.getgrall() if self.resource.username in 
g.gr_mem]
-    else:
-      with open('/etc/group', 'rb') as fp:
-        content = fp.read()
-      
-      groups = []
-      for line in content.splitlines():
-        entries = line.split(':')
-        group_name = entries[0]
+
+    with open('/etc/group', 'rb') as fp:
+      content = fp.read()
+
+    # Each line should have 4 parts, even with no members (trailing colon)
+    # group-name:group-password:group-id:
+    # group-name:group-password:group-id:group-members
+    groups = []
+    for line in content.splitlines():
+      entries = line.split(':')
+
+      # attempt to parse the users in the group only if there are 4 parts
+      if(len(entries) >= 4):
+        group_name = entries[0].strip()
         group_users = entries[3].split(',')
         if self.user in group_users:
           groups.append(group_name)
-          
-      return groups
+
+    return groups
 
 class GroupProvider(Provider):
   options = dict(

ambari git commit: AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley)

Reply via email to