apache · ruanwenjun · Jan 8, 2025 · Dec 25, 2024 · Dec 26, 2024 · Dec 26, 2024
@@ -19,7 +19,9 @@ Administrator login, default username/password: admin/dolphinscheduler123
 - Tenant Code: **The tenant code is the user on Linux, unique and cannot be repeated**
 - The administrator enters the `Security Center->Tenant Management` page, and clicks the `Create Tenant` button to create a tenant.
 
-> Note: Currently, only admin users can modify tenant.
+> Note: 
+> 1. Currently, only admin users can modify tenant.
+> 2. If you create a tenant manually in the Linux, you need to add the manually created tenant to the dolphinscheduler bootstrap user's group, so that the tenant will have enough working directory permissions.
 
 ![create-tenant](../../../../img/new_ui/dev/security/create-tenant.png)
 

@@ -18,7 +18,9 @@
 - 租户编码：**租户编码是 Linux上 的用户，唯一，不能重复**
 - 管理员进入安全中心->租户管理页面，点击“创建租户”按钮，创建租户。
 
-> 注意：目前仅有 admin 用户可以修改租户。
+> 注意：
+> 1. 目前仅有 admin 用户可以修改租户；
+> 2. 如果您在 Linux 中手动创建一个租户，则需要将手动创建的租户添加到 dolphinscheduler bootstrap 用户组，以便该租户拥有足够的工作目录权限。
 
 ![create-tenant](../../../../img/new_ui/dev/security/create-tenant.png)
 

@@ -64,6 +64,8 @@ public class FileUtils {
 
     private static final Set<PosixFilePermission> PERMISSION_755 = PosixFilePermissions.fromString("rwxr-xr-x");
 
+    private static final Set<PosixFilePermission> PERMISSION_775 = PosixFilePermissions.fromString("rwxrwxr-x");
+
     /**
      * get download file absolute path and name
      *
@@ -266,7 +268,7 @@ public static void createDirectoryWith755(@NonNull Path path) throws IOException
                 Files.setPosixFilePermissions(path, PERMISSION_755);
             } catch (FileAlreadyExistsException fileAlreadyExistsException) {
                 // Catch the FileAlreadyExistsException here to avoid create the same parent directory in parallel
-                log.debug("The directory: {} already exists", path);
+                log.error("The directory: {} already exists", path);
             }
 
         }
@@ -289,6 +291,29 @@ public static void setFileTo755(File file) throws IOException {
         }
     }
 
+    public static void createDirectoryWith775(@NonNull Path path) throws IOException {
+        if (path.toFile().exists()) {
+            return;
+        }
+        if (OSUtils.isWindows()) {
+            Files.createDirectories(path);
+        } else {
+            Path parent = path.getParent();
+            if (parent != null && !parent.toFile().exists()) {
+                createDirectoryWith755(parent);
+            }
+
+            try {
+                Files.createDirectory(path);
+                Files.setPosixFilePermissions(path, PERMISSION_775);
+            } catch (FileAlreadyExistsException fileAlreadyExistsException) {
+                // Catch the FileAlreadyExistsException here to avoid create the same parent directory in parallel
+                log.error("The directory: {} already exists", path);
+            }
+
+        }
+    }
+
     public static String concatFilePath(String... paths) {
         if (paths.length == 0) {
             throw new IllegalArgumentException("At least one path should be provided");

@@ -50,7 +50,8 @@ public static void createTaskInstanceWorkingDirectory(TaskExecutionContext taskE
                 log.warn("The TaskInstance WorkingDirectory: {} is exist, will recreate again",
                         taskInstanceWorkingDirectory);
             }
-            FileUtils.createDirectoryWith755(Paths.get(taskInstanceWorkingDirectory));
+
+            FileUtils.createDirectoryWith775(Paths.get(taskInstanceWorkingDirectory));
 
             taskExecutionContext.setExecutePath(taskInstanceWorkingDirectory);
             taskExecutionContext.setAppInfoPath(FileUtils.getAppInfoPath(taskInstanceWorkingDirectory));