Repository: ambari Updated Branches: refs/heads/branch-2.5 7aff03f59 -> 53a1dc2cf
AMBARI-18347 - Setting fetch_nonlocal_groups to false Can Prevent Services From Starting (jonathanhurley) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/53a1dc2c Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/53a1dc2c Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/53a1dc2c Branch: refs/heads/branch-2.5 Commit: 53a1dc2cf0c489ac8e05235e747f6f7686bb087e Parents: 7aff03f Author: Jonathan Hurley <jhur...@hortonworks.com> Authored: Thu Sep 8 16:44:07 2016 -0400 Committer: Jonathan Hurley <jhur...@hortonworks.com> Committed: Fri Sep 9 16:12:58 2016 -0400 ---------------------------------------------------------------------- .../resource_management/TestUserResource.py | 36 ++++++++++++++++++++ .../core/providers/accounts.py | 26 ++++++++------ 2 files changed, 52 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/53a1dc2c/ambari-agent/src/test/python/resource_management/TestUserResource.py ---------------------------------------------------------------------- diff --git a/ambari-agent/src/test/python/resource_management/TestUserResource.py b/ambari-agent/src/test/python/resource_management/TestUserResource.py index 2a97676..4bba469 100644 --- a/ambari-agent/src/test/python/resource_management/TestUserResource.py +++ b/ambari-agent/src/test/python/resource_management/TestUserResource.py @@ -214,6 +214,42 @@ class TestUserResource(TestCase): popen_mock.assert_called_with(['/bin/bash', '--login', '--noprofile', '-c', "ambari-sudo.sh PATH=/bin -H -E useradd -m mapred"], shell=False, preexec_fn=None, stderr=-2, stdout=-1, env={'PATH': '/bin'}, cwd=None, close_fds=True) self.assertEqual(popen_mock.call_count, 1) + @patch('__builtin__.open') + @patch("pwd.getpwnam") + def test_parsing_local_users(self, pwd_mock, open_mock): + """ + Tests that parsing users out of /etc/groups can tolerate some bad lines + """ + class MagicFile(object): + def read(self): + return """ + group1:x:1: + group2:x:2:user1,user2 + group3:x:3 + invalid + """ + + def __exit__(self, exc_type, exc_val, exc_tb): + pass + + def __enter__(self): + return self + + pwd_mock.return_value = "user1" + open_mock.return_value = MagicFile() + + from resource_management.core.providers.accounts import UserProvider + + user = MagicMock() + provider = UserProvider(user) + provider.resource.username = "user1" + provider.resource.fetch_nonlocal_groups = False + groups = provider.user_groups + + self.assertEquals(1, len(groups)) + self.assertTrue("group2" in groups) + + def _get_user_entity(): user = MagicMock() user.pw_name='mapred' http://git-wip-us.apache.org/repos/asf/ambari/blob/53a1dc2c/ambari-common/src/main/python/resource_management/core/providers/accounts.py ---------------------------------------------------------------------- diff --git a/ambari-common/src/main/python/resource_management/core/providers/accounts.py b/ambari-common/src/main/python/resource_management/core/providers/accounts.py index 5169b12..c4f2496 100644 --- a/ambari-common/src/main/python/resource_management/core/providers/accounts.py +++ b/ambari-common/src/main/python/resource_management/core/providers/accounts.py @@ -98,19 +98,25 @@ class UserProvider(Provider): def user_groups(self): if self.resource.fetch_nonlocal_groups: return [g.gr_name for g in grp.getgrall() if self.resource.username in g.gr_mem] - else: - with open('/etc/group', 'rb') as fp: - content = fp.read() - - groups = [] - for line in content.splitlines(): - entries = line.split(':') - group_name = entries[0] + + with open('/etc/group', 'rb') as fp: + content = fp.read() + + # Each line should have 4 parts, even with no members (trailing colon) + # group-name:group-password:group-id: + # group-name:group-password:group-id:group-members + groups = [] + for line in content.splitlines(): + entries = line.split(':') + + # attempt to parse the users in the group only if there are 4 parts + if(len(entries) >= 4): + group_name = entries[0].strip() group_users = entries[3].split(',') if self.user in group_users: groups.append(group_name) - - return groups + + return groups class GroupProvider(Provider): options = dict(