Re: [jira] Commented: (DERBY-1241) When booting a database under security manager, boot may fail with message java.sql.SQLException: Java exception: 'access denied (java.io.FilePermission for logmirror.ctrl if database was not shutdown cleanly after previous access

Tue, 01 Aug 2006 16:04:37 -0700

patch looks good to me - one line change seems obvious fix, and looks like what suresh suggested was probably the fix. Since it fixes the by hand check case I say check it in, even if no new test. 

Andrew McIntyre (JIRA) wrote:
[ http://issues.apache.org/jira/browse/DERBY-1241?page=comments#action_12425051 ] Andrew McIntyre commented on DERBY-1241: 
----------------------------------------

This is a pretty obvious fix for a serious problem. I think we should get this 
in for 10.2, even if writing a proper regression test for it won't happen till 
later. And, I see that Myrna has also filed a JIRA for that so it won't drop 
off the radar.

Does anyone object to committing this patch?



When booting a database under security manager,  boot may  fail with message 
java.sql.SQLException: Java exception: 'access denied (java.io.FilePermission   
for  logmirror.ctrl   if database was not shutdown cleanly after  previous 
access
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

               Key: DERBY-1241
               URL: http://issues.apache.org/jira/browse/DERBY-1241
           Project: Derby
        Issue Type: Bug
        Components: Store
          Reporter: Suresh Thalamati
       Assigned To: Myrna van Lunteren
          Priority: Critical
           Fix For: 10.2.0.0

       Attachments: DERBY-1241_20060801.diff, derby_tests.policy
logmirror.ctrl is getting accessed outside the privileged block when the checkpoint instant is invalid on log factory boot method and cause this failure on boot if the database was not shutdown cleanly. The reproduction (see comment) shows that can happens after database creation. This problem was reported on the derby-dev list by Olav Sandstaa , filing jira entry for it. Olav Sandstaa wrote: 


Rick Hillegas <[EMAIL PROTECTED]> wrote:

java.sql.SQLException: Java exception: 'access denied (java.io.FilePermission 
/export/home/tmp/derbyjdbc4/DerbyNetClient/TestConnectionMethods/wombat/log/logmirror.ctrl
 read): java.security.AccessControlException'.
   at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:321)
   at java.security.AccessController.checkPermission(AccessController.java:546)
   at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
   at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
   at java.io.File.exists(File.java:731)
   at org.apache.derby.impl.store.raw.log.LogToFile.boot(LogToFile.java:2940)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
   at 
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
   at 
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
   at 
org.apache.derby.impl.store.raw.data.BaseDataFileFactory.bootLogFactory(BaseDataFileFactory.java:1762)
   at 
org.apache.derby.impl.store.raw.data.BaseDataFileFactory.setRawStoreFactory(BaseDataFileFactory.java:1218)
   at org.apache.derby.impl.store.raw.RawStore.boot(RawStore.java:250)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
   at 
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
   at 
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
   at 
org.apache.derby.impl.store.access.RAMAccessManager.boot(RAMAccessManager.java:987)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
   at 
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.startModule(BaseMonitor.java:542)
   at 
org.apache.derby.iapi.services.monitor.Monitor.bootServiceModule(Monitor.java:418)
   at org.apache.derby.impl.db.BasicDatabase.bootStore(BasicDatabase.java:738)
   at org.apache.derby.impl.db.BasicDatabase.boot(BasicDatabase.java:178)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.boot(BaseMonitor.java:1996)
   at 
org.apache.derby.impl.services.monitor.TopService.bootModule(TopService.java:290)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.bootService(BaseMonitor.java:1831)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.startProviderService(BaseMonitor.java:1697)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.findProviderAndStartService(BaseMonitor.java:1577)
   at 
org.apache.derby.impl.services.monitor.BaseMonitor.startPersistentService(BaseMonitor.java:990)
   at 
org.apache.derby.iapi.services.monitor.Monitor.startPersistentService(Monitor.java:541)
   at 
org.apache.derby.impl.jdbc.EmbedConnection.bootDatabase(EmbedConnection.java:1586)
   at 
org.apache.derby.impl.jdbc.EmbedConnection.<init>(EmbedConnection.java:216)
   at 
org.apache.derby.impl.jdbc.EmbedConnection30.<init>(EmbedConnection30.java:72)
   at 
org.apache.derby.impl.jdbc.EmbedConnection40.<init>(EmbedConnection40.java:48)
   at org.apache.derby.jdbc.Driver40.getNewEmbedConnection(Driver40.java:62)
   at org.apache.derby.jdbc.InternalDriver.connect(InternalDriver.java:199)
   at org.apache.derby.impl.drda.Database.makeConnection(Database.java:231)
   at 
org.apache.derby.impl.drda.DRDAConnThread.getConnFromDatabaseName(DRDAConnThread.java:1147)
   at 
org.apache.derby.impl.drda.DRDAConnThread.verifyUserIdPassword(DRDAConnThread.java:1125)
   at 
org.apache.derby.impl.drda.DRDAConnThread.parseSECCHK(DRDAConnThread.java:2709)
   at 
org.apache.derby.impl.drda.DRDAConnThread.parseDRDAConnection(DRDAConnThread.java:987)
   at 
org.apache.derby.impl.drda.DRDAConnThread.processCommands(DRDAConnThread.java:830)
   at org.apache.derby.impl.drda.DRDAConnThread.run(DRDAConnThread.java:236)

The security exception is raised when Derby tries to get access to the
log/logmirror.ctrl file during the second startup of the database. I
would have expected that since this file was created earlier during
the initial startup of the test, the test should already have the
required security permissions to access it during the second startup?

Anyway, the best solution to this problem would be to be able to reuse
functionality that already might exist in the test framework. Any
suggestions are appreciated.

Regards,
Olav



By looking at the stack it looks like log/logmirror.ctrl  is not getting 
accessed in the privileged block at  line 2940 in LogToFile.java.
if (checkpointInstant == LogCounter.INVALID_LOG_INSTANT &&                     
getMirrorControlFileName().exists())
Not sure how you got checkpointInstant to be INVALID , may be your test program 
might have exited before a first valid checkpoint. Any one fixing this bugs 
should make sure that is the case.
In any case  call to exists should have been 
privExists(getMirrorControlFileName()).
Please file a Jira entry  with information on how to reproduce this bug.
Thanks
-suresh

Reply via email to