Use chown to set the file owner (#15240)

dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java

@@ -25,8 +25,6 @@ import static org.apache.dolphinscheduler.common.constants.Constants.RESOURCE_VI
 import static org.apache.dolphinscheduler.common.constants.Constants.UTF_8;
 import static org.apache.dolphinscheduler.common.constants.DateConstants.YYYYMMDDHHMMSS;
 
-import org.apache.dolphinscheduler.common.constants.TenantConstants;
-
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.SystemUtils;
 
@@ -37,15 +35,12 @@ import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
 import java.nio.file.Files;
 import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
 import java.nio.file.attribute.FileAttribute;
 import java.nio.file.attribute.PosixFilePermission;
 import java.nio.file.attribute.PosixFilePermissions;
-import java.nio.file.attribute.UserPrincipal;
-import java.nio.file.attribute.UserPrincipalLookupService;
 import java.util.Set;
 import java.util.zip.CRC32;
 import java.util.zip.CheckedInputStream;
@@ -328,19 +323,23 @@ public class FileUtils {
         return crcString;
     }
 
-    public static void setFileOwner(Path path, String tenant) {
-        try {
-            if (TenantConstants.DEFAULT_TENANT_CODE.equals(tenant)) {
-                log.debug("The current tenant: {} is the default tenant, no need to set the owner for file: {}", tenant,
-                        path);
-                return;
-            }
-            UserPrincipalLookupService userPrincipalLookupService =
-                    FileSystems.getDefault().getUserPrincipalLookupService();
-            UserPrincipal tenantPrincipal = userPrincipalLookupService.lookupPrincipalByName(tenant);
-            Files.setOwner(path, tenantPrincipal);
-        } catch (IOException e) {
-            log.error("Set file: {} owner to: {} failed", path, tenant, e);
+    public static void setFileOwner(Path filePath, String fileOwner) throws InterruptedException, IOException {
+        // We use linux command to set the file owner, since jdk api will not use sudo.
+        String command = String.format("sudo chown %s %s", fileOwner, filePath.toString());
+        Runtime.getRuntime().exec(command);
+        Process process = Runtime.getRuntime().exec(command);
+        if (0 != process.waitFor()) {
+            throw new RuntimeException("Set file: " + filePath + " to owner: " + fileOwner + " failed");
+        }
+    }
+
+    public static void setDirectoryOwner(Path filePath, String fileOwner) throws IOException, InterruptedException {
+        // We use linux command to set the file owner, since jdk api will not use sudo.
+        String command = String.format("sudo chown -R %s %s", fileOwner, filePath.toString());
+        Runtime.getRuntime().exec(command);
+        Process process = Runtime.getRuntime().exec(command);
+        if (0 != process.waitFor()) {
+            throw new RuntimeException("Set directory: " + filePath + " to owner: " + fileOwner + " failed");
         }
     }
 

dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java

@@ -92,8 +92,9 @@ public class TaskExecutionCheckerUtils {
             taskExecutionContext.setAppInfoPath(FileUtils.getAppInfoPath(execLocalPath));
             Path executePath = Paths.get(taskExecutionContext.getExecutePath());
             FileUtils.createDirectoryIfNotPresent(executePath);
-            if (OSUtils.isSudoEnable()) {
-                FileUtils.setFileOwner(executePath, taskExecutionContext.getTenantCode());
+            if (OSUtils.isSudoEnable()
+                    && !TenantConstants.DEFAULT_TENANT_CODE.equals(taskExecutionContext.getTenantCode())) {
+                FileUtils.setDirectoryOwner(executePath, taskExecutionContext.getTenantCode());
             }
         } catch (Throwable ex) {
             throw new TaskException("Cannot create process execute dir", ex);
@@ -129,18 +130,20 @@ public class TaskExecutionCheckerUtils {
                 try {
                     String fullName = fileDownload.getLeft();
                     String fileName = fileDownload.getRight();
-                    log.info("get resource file from path:{}", fullName);
 
                     long resourceDownloadStartTime = System.currentTimeMillis();
-                    storageOperate.download(actualTenant, fullName, execLocalPath + File.separator + fileName, true);
-                    if (OSUtils.isSudoEnable()) {
-                        FileUtils.setFileOwner(Paths.get(execLocalPath, fileName),
+
+                    Path localFileAbsolutePath = Paths.get(execLocalPath, fileName);
+                    storageOperate.download(actualTenant, fullName, localFileAbsolutePath.toString(), true);
+                    log.info("Download resource file {} under: {} successfully", fileName, localFileAbsolutePath);
+                    if (OSUtils.isSudoEnable() && !TenantConstants.DEFAULT_TENANT_CODE.equals(tenant)) {
+                        FileUtils.setFileOwner(localFileAbsolutePath, taskExecutionContext.getTenantCode());
+                        log.info("Set file {} owner to {} successfully", localFileAbsolutePath,
                                 taskExecutionContext.getTenantCode());
                     }
                     WorkerServerMetrics
                             .recordWorkerResourceDownloadTime(System.currentTimeMillis() - resourceDownloadStartTime);
-                    WorkerServerMetrics.recordWorkerResourceDownloadSize(
-                            Files.size(Paths.get(execLocalPath, fileName)));
+                    WorkerServerMetrics.recordWorkerResourceDownloadSize(Files.size(localFileAbsolutePath));
                     WorkerServerMetrics.incWorkerResourceDownloadSuccessCount();
                 } catch (Exception e) {
                     WorkerServerMetrics.incWorkerResourceDownloadFailureCount();