Issue #5451 - Private Work Dir

[joakime]

No description provided.

[joakime]

Do we need the start module for the configuration of the posix perms?

[gregw]

@janbartel and I have reviewed. We are OK with the general behaviour, but we don't like all the extra getters and setters and would prefer to use attributes.

API is forever!

[gregw]

I'm not sure we need to create a lot of new API for this. Can we just do it with attributes: context, server then system

Suggested change

	if (fileStore.supportsFileAttributeView(PosixFileAttributeView.class))
	{
	String workDirPerms = context.getTempDirectoryPosixPermissions();
	Set<PosixFilePermission> permSet = PosixFilePermissions.fromString(workDirPerms);
	tmpDir = Files.createTempDirectory(parentPath, temp, PosixFilePermissions.asFileAttribute(permSet)).toFile();
	}
	if (fileStore.supportsFileAttributeView(PosixFileAttributeView.class))
	{
	String workDirPerms = (String) context.getAttribute(TEMP_DIRECTORY_POSIX_PERMISSIONS);
	if (workDirPerms == null)
	workDirPerms = (String) context.getServer().getAttribute(TEMP_DIRECTORY_POSIX_PERMISSIONS);
	if (workDirPerms == null)
	workDirPerms = (String) System.getProperty(TEMP_DIRECTORY_POSIX_PERMISSIONS, "rwx------");
	Set<PosixFilePermission> permSet = PosixFilePermissions.fromString(workDirPerms);
	tmpDir = Files.createTempDirectory(parentPath, temp, PosixFilePermissions.asFileAttribute(permSet)).toFile();
	}

We've changed tmp dir stuff a number of times... once a thing is said in API it is forever! So I think we just lean towards to loose attributes rather than API.

[joakime]

What's the String you see for TEMP_DIRECTORY_POSIX_PERMISSIONS ?

[joakime]

The biggest issue with attributes is making them friendly for start modules.

[joakime]

Also, where does TEMP_DIRECTORY_POSIX_PERMISSIONS exist?
Not the WebAppContext, how about IO ? or the Server?

[gregw]

I know this is closed, but will answer so record my thoughts.

I see these attributes as hints to the implementation, so the string should be "org.eclipse.jetty.webapp.WebInfConfiguration.TEMP_DIRECTORY_POSIX_PERMISSIONS" and defined as a constant in WebInfConfiguration.

It is easy to make friendly for start modules, because we write the XML for those modules, thus we write the XML like:

  <Call name="setAttribute">
    <Arg>org.eclipse.jetty.webapp.WebInfConfiguration.TEMP_DIRECTORY_POSIX_PERMISSIONS</arg>
    <Arg><Property name="jetty.webapp.tmpDirPosixPermissions"/></Arg>
  </Call>

and then we just add to the ini-template of webapp.mod:

## Set the permissions of temporary directory on POSIX file systems
# jetty.webapp.tmpDirPosixPermissions=rwx------

Ultimately, this is no different at the start module level than if we had dedicated APIs

[gregw]

Maybe we should also do this with an attribute so we don't commit to a forever API:

Suggested change

	if (context.getServer().isWorkDirectoryPersistent())
	{
	context.setPersistTempDirectory(true);
	}
	Object workNotPersistent = context.getServer().getAttribute(WORK_DIRECTORY_NOT_PERSISTENT);
	if (workNotPersistent != null && Boolean.valueOf(workNotPersistent))
	context.setPersistTempDirectory(true);

[joakime]

Closing in favor of replacement PR #5458