SLIDER-1215 Slider app master does not clean up certificate directories from tmp dir on graceful exit
diff --git a/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java b/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java
index c33f7ac..3f47b98 100644
--- a/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java
+++ b/slider-core/src/main/java/org/apache/slider/server/appmaster/SliderAppMaster.java
@@ -172,6 +172,7 @@
import org.apache.slider.server.appmaster.web.rest.application.ApplicationResouceContentCacheFactory;
import org.apache.slider.server.appmaster.web.rest.application.resources.ContentCache;
import org.apache.slider.server.services.security.CertificateManager;
+import org.apache.slider.server.services.security.SecurityUtils;
import org.apache.slider.server.services.utility.AbstractSliderLaunchedService;
import org.apache.slider.server.services.utility.WebAppService;
import org.apache.slider.server.services.workflow.ServiceThreadFactory;
@@ -1630,6 +1631,9 @@
" it may have been terminated/YARN shutdown in progress: {}", e, e);
} catch (YarnException | IOException e) {
log.info("Failed to unregister application: " + e, e);
+ } finally {
+ // cleanup security dir
+ SecurityUtils.cleanupSecurityDir();
}
if (exception != null) {
throw exception;
diff --git a/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java b/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
index e82ad84..9d699ab 100644
--- a/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
+++ b/slider-core/src/main/java/org/apache/slider/server/services/security/SecurityUtils.java
@@ -84,6 +84,7 @@
private static final String PASS_TOKEN = "pass:";
private static String keystorePass;
private static String securityDir;
+ private static boolean keystoreLocationSpecified;
public static void logOpenSslExitCode(String command, int exitCode) {
if (exitCode == 0) {
@@ -157,12 +158,13 @@
public static void initializeSecurityParameters(MapOperations configMap,
boolean persistPassword) {
- String keyStoreLocation = configMap.getOption(
- SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, getDefaultKeystoreLocation());
+ String keyStoreLocation = configMap
+ .getOption(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION, null);
if (keyStoreLocation == null) {
- LOG.error(SliderXmlConfKeys.KEY_KEYSTORE_LOCATION
- + " is not specified. Unable to initialize security params.");
- return;
+ keyStoreLocation = getDefaultKeystoreLocation();
+ keystoreLocationSpecified = false;
+ } else {
+ keystoreLocationSpecified = true;
}
File secDirFile = new File(keyStoreLocation).getParentFile();
if (!secDirFile.exists()) {
@@ -253,4 +255,12 @@
.append(SliderKeys.KEYSTORE_FILE_NAME).toString();
}
+ public static void cleanupSecurityDir() throws IOException {
+ if (!keystoreLocationSpecified && securityDir != null) {
+ File tmpSecDir = new File(securityDir).getParentFile();
+ LOG.debug("Cleaning up AM created tmp security dir {}",
+ tmpSecDir.getAbsolutePath());
+ FileUtils.deleteDirectory(tmpSecDir);
+ }
+ }
}
diff --git a/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java b/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java
index b5d6a94..3328ae6 100644
--- a/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java
+++ b/slider-core/src/test/java/org/apache/slider/server/appmaster/web/rest/agent/TestAMAgentWebServices.java
@@ -62,6 +62,7 @@
import java.net.URI;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
public class TestAMAgentWebServices {
@@ -208,7 +209,22 @@
// log.info("Agent is running at {}", base_url);
// Thread.sleep(60 * 1000);
// }
-
+
+ public static void testCleanupSecurityDir() throws Exception {
+ // Since initialization is done without setting ssl.server.keystore.location
+ // the security dir is created in temp file system
+ String securityDir = SecurityUtils.getSecurityDir();
+ // validate that the folder exists
+ File securityDirFile = new File(securityDir);
+ assertTrue("securityDir " + securityDir + " should exist",
+ securityDirFile.exists());
+ // call cleanup now and it should be gone
+ SecurityUtils.cleanupSecurityDir();
+ // validate that the folder does not exist anymore
+ assertFalse("securityDir " + securityDir + " should have been deleted",
+ securityDirFile.exists());
+ }
+
private Register createDummyJSONRegister() {
Register register = new Register();
register.setResponseId(-1);
@@ -227,7 +243,7 @@
@AfterClass
public static void tearDownClass() throws Exception{
- FileUtils.deleteDirectory(new File(SecurityUtils.getSecurityDir()));
+ testCleanupSecurityDir();
// Path directory = Paths.get(SecurityUtils.getSecurityDir());
// Files.walkFileTree(directory, new SimpleFileVisitor<Path>() {
// @Override