|
26 | 26 | import java.nio.file.attribute.AclEntryPermission; |
27 | 27 | import java.nio.file.attribute.AclEntryType; |
28 | 28 | import java.nio.file.attribute.AclFileAttributeView; |
29 | | -import java.nio.file.attribute.PosixFilePermission; |
30 | 29 | import java.util.HashMap; |
31 | 30 | import java.util.List; |
32 | 31 | import java.util.Map; |
33 | 32 | import java.util.stream.Collectors; |
34 | 33 | import java.util.Optional; |
35 | | -import java.util.Set; |
36 | 34 |
|
37 | 35 | import org.slf4j.Logger; |
38 | 36 | import org.slf4j.LoggerFactory; |
@@ -75,6 +73,8 @@ public class ApplicationRunner implements CommandLineRunner { |
75 | 73 |
|
76 | 74 | private final Logger logger = LoggerFactory.getLogger(ApplicationRunner.class); |
77 | 75 | private static final List<String> SOCKET_ALLOWED_USERS = Splitter.on(',') |
| 76 | + .omitEmptyStrings() |
| 77 | + .trimResults() |
78 | 78 | .splitToList(System.getProperty("socket.allowed.users", "")); |
79 | 79 |
|
80 | 80 | @Value("${socket.file}") |
@@ -136,16 +136,11 @@ public void start(String path) throws Exception { |
136 | 136 | } |
137 | 137 | } |
138 | 138 |
|
139 | | - private static void manageSocketPermissions(String pathString) throws IOException { |
140 | | - Set<PosixFilePermission> permissions = Set.of( |
141 | | - PosixFilePermission.OWNER_READ, |
142 | | - PosixFilePermission.OWNER_WRITE, |
143 | | - PosixFilePermission.OWNER_EXECUTE); |
144 | | - Path path = Paths.get(pathString); |
145 | | - Files.setPosixFilePermissions(path, permissions); |
| 139 | + private static void manageSocketPermissions(String socketFile) throws IOException { |
| 140 | + Runtime.getRuntime().exec("chmod 700 " + socketFile); |
146 | 141 |
|
147 | 142 | if (!SOCKET_ALLOWED_USERS.isEmpty()) { |
148 | | - Optional.ofNullable(Files.getFileAttributeView(path, AclFileAttributeView.class)) |
| 143 | + Optional.ofNullable(Files.getFileAttributeView(Paths.get(socketFile), AclFileAttributeView.class)) |
149 | 144 | .orElseThrow(() -> new UnsupportedOperationException("ACLs are not supported on this filesystem.")) |
150 | 145 | .setAcl(SOCKET_ALLOWED_USERS.stream() |
151 | 146 | .map(ApplicationRunner::computeAclEntry) |
|
0 commit comments