glassfish
  1. glassfish
  2. GLASSFISH-8455

Need to detect wrong user is at the controls

    Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: V3
    • Fix Version/s: future release
    • Component/s: admin
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

      Description

      This is a Felix Issue – but there is no Subcomponent for core or startup or
      OSGi so I just set it to Admin for now.

      ==================================
      Scenario:

      Normal GF installation.
      logged in as non-root user
      start the domain
      stop the domain
      login as root
      start the domain
      stop the domain
      login as normal user again.

      That's all folks – you can never start the server again. Only root can.

      No messages appear in server.log.

      But ALL the messages appear in the window when starting this way:
      asadmin start-domain --verbose

      There are hundreds of the following errors (I just have a few here because they
      are all very similar)

      Auto-properties install: org.osgi.framework.BundleException: Unable to cache
      bundle: file:/export/home/bnlocal/glassfishv3/glassfish/modules/osgi-main.jar
      Auto-properties start: org.osgi.framework.BundleException: Unable to cache
      bundle: file:/export/home/bnlocal/glassfishv3/glassfish/modules/osgi-main.jar
      ERROR: org.apache.felix.framework.cache.BundleCache: Error creating archive.
      (java.io.FileNotFoundException:
      /export/home/bnlocal/glassfishv3/glassfish/domains/domain1/felix-cache/gf/bundle140/version0.0/revision.location
      (Permission denied))
      ERROR: org.apache.felix.framework.cache.BundleCache: Error creating archive.
      (java.io.FileNotFoundException:
      /export/home/bnlocal/glassfishv3/glassfish/domains/domain1/felix-cache/gf/bundle141/version0.0/revision.location
      (Permission denied))
      ERROR: org.apache.felix.framework.cache.BundleCache: Error creating archive.
      (java.io.FileNotFoundException:
      /export/home/bnlocal/glassfishv3/glassfish/domains/domain1/felix-cache/gf/bundle142/version0.0/revision.location
      (Permission denied))

        Activity

        Hide
        Sanjeeb Sahoo added a comment -

        There are other code which gets executed during server startup before Felix is
        started. So, I suggest we do this security check early in the startup process.
        Any way, I don't have time to do this now. So, feel free to fix or attach a patch.

        Show
        Sanjeeb Sahoo added a comment - There are other code which gets executed during server startup before Felix is started. So, I suggest we do this security check early in the startup process. Any way, I don't have time to do this now. So, feel free to fix or attach a patch.
        Hide
        km added a comment -

        Sahoo, I understand that you don't have time to look into this now, but
        assigning this to me is something of a surprise. I thought you owned ASMain.

        Show
        km added a comment - Sahoo, I understand that you don't have time to look into this now, but assigning this to me is something of a surprise. I thought you owned ASMain.
        Hide
        Tom Mueller added a comment -

        This issue still exists in GlassFish 3.1 and the trunk. However, to see the behavior, it is necessary to remove the domain1/osgi-cache directory before starting the domain as root so that the entire osgi-cache is created by root.

        Bumping up the priority based on the age of the issue and targeting for 3.2.

        Show
        Tom Mueller added a comment - This issue still exists in GlassFish 3.1 and the trunk. However, to see the behavior, it is necessary to remove the domain1/osgi-cache directory before starting the domain as root so that the entire osgi-cache is created by root. Bumping up the priority based on the age of the issue and targeting for 3.2.
        Hide
        Tom Mueller added a comment -

        Marking this as an RFE.

        Show
        Tom Mueller added a comment - Marking this as an RFE.
        Hide
        Tom Mueller added a comment -

        A fix for this issue was initially identified for possible inclusion in the 3.2 release, but after further 3.2 planning, the feature or improvement did not make the cut. This issue is being targeted for a future release. If based on a reevaluation, it is targeted for 3.2, then update the "fix version" again.

        Show
        Tom Mueller added a comment - A fix for this issue was initially identified for possible inclusion in the 3.2 release, but after further 3.2 planning, the feature or improvement did not make the cut. This issue is being targeted for a future release. If based on a reevaluation, it is targeted for 3.2, then update the "fix version" again.

          People

          • Assignee:
            kumara
            Reporter:
            Byron Nevins
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated: