patch looks good to me - one line change seems obvious fix, and looks
like what suresh suggested was probably the fix. Since it fixes the by
hand check case I say check it in, even if no new test.
Andrew McIntyre (JIRA) wrote:
[ http://issues.apache.org/jira/browse/DERBY-1241?page=comments#action_12425051 ]
Andrew McIntyre commented on DERBY-1241:
----------------------------------------
This is a pretty obvious fix for a serious problem. I think we should get this
in for 10.2, even if writing a proper regression test for it won't happen till
later. And, I see that Myrna has also filed a JIRA for that so it won't drop
off the radar.
Does anyone object to committing this patch?
When booting a database under security manager, boot may fail with message
java.sql.SQLException: Java exception: 'access denied (java.io.FilePermission
for logmirror.ctrl if database was not shutdown cleanly after previous
access
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: DERBY-1241
URL: http://issues.apache.org/jira/browse/DERBY-1241
Project: Derby
Issue Type: Bug
Components: Store
Reporter: Suresh Thalamati
Assigned To: Myrna van Lunteren
Priority: Critical
Fix For: 10.2.0.0
Attachments: DERBY-1241_20060801.diff, derby_tests.policy
logmirror.ctrl is getting accessed outside the privileged block when the checkpoint instant is invalid on log factory boot method and cause this failure on boot if the database was not shutdown cleanly. The reproduction (see comment) shows that can happens after database creation.
This problem was reported on the derby-dev list by Olav Sandstaa , filing jira entry for it.
Olav Sandstaa wrote:
Rick Hillegas <[EMAIL PROTECTED]> wrote:
java.sql.SQLException: Java exception: 'access denied (java.io.FilePermission
/export/home/tmp/derbyjdbc4/DerbyNetClient/TestConnectionMethods/wombat/log/logmirror.ctrl
read): java.security.AccessControlException'.
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:321)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at org.apache.derby.impl.store.raw.log.LogToFile.boot(LogToFile.java:2940)
at
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
at
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
at
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
at
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
at
org.apache.derby.impl.store.raw.data.BaseDataFileFactory.bootLogFactory(BaseDataFileFactory.java:1762)
at
org.apache.derby.impl.store.raw.data.BaseDataFileFactory.setRawStoreFactory(BaseDataFileFactory.java:1218)
at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:250)
at
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
at
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
at
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
at
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
at
org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:987)
at
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
at
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
at
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
at
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:738)
at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:178)
at
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
at
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
at
org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1831)
at
org.apache.derby.impl.services.monitor.BaseMonitor.startProviderService(BaseMonitor.java:1697)
at
org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(BaseMonitor.java:1577)
at
org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(BaseMonitor.java:990)
at
org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Monitor.java:541)
at
org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1586)
at
org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:216)
at
org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:72)
at
org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:48)
at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:62)
at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:199)
at org.apache.derby.impl.drda.Database.makeConnection(Database.java:231)
at
org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1147)
at
org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1125)
at
org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2709)
at
org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:987)
at
org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:830)
at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:236)
The security exception is raised when Derby tries to get access to the
log/logmirror.ctrl file during the second startup of the database. I
would have expected that since this file was created earlier during
the initial startup of the test, the test should already have the
required security permissions to access it during the second startup?
Anyway, the best solution to this problem would be to be able to reuse
functionality that already might exist in the test framework. Any
suggestions are appreciated.
Regards,
Olav
By looking at the stack it looks like log/logmirror.ctrl is not getting
accessed in the privileged block at line 2940 in LogToFile.java.
if (checkpointInstant == LogCounter.INVALID_LOG_INSTANT &&
getMirrorControlFileName().exists())
Not sure how you got checkpointInstant to be INVALID , may be your test program
might have exited before a first valid checkpoint. Any one fixing this bugs
should make sure that is the case.
In any case call to exists should have been
privExists(getMirrorControlFileName()).
Please file a Jira entry with information on how to reproduce this bug.
Thanks
-suresh