MAPREDUCE-5202. Revert MAPREDUCE-4397 to improve LinuxTaskController security. (omalley)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2@1478113 13f79535-47bb-0310-9956-ffa450edef68

CHANGES.txt

@@ -212,6 +212,8 @@ Release 1.2.0 - 2013.04.16
 
   BUG FIXES
 
+    MAPREDUCE-5202. Revert MAPREDUCE-4397 to improve LinuxTaskController security. (omalley)
+
     HADOOP-9467. Metrics2 record filter should check name as well as tags.
     (Ganeshan Iyler via llu)
 

src/c++/task-controller/impl/configuration.c

@@ -87,29 +87,6 @@ static int is_only_root_writable(const char *file) {
   return 1;
 }
 
-/**
- * Get the full path of the configuration file.
- * Use $HADOOP_SECURITY_CONF_DIR for the configuration directory, and if
- * it's not set, use the default value in default_conf_dir.
- */
-void get_config_path(char* conf_file_path, int size,
-                     char* default_conf_dir,
-                     const char* conf_file_name) {
-  if (conf_file_name == NULL) {
-    fprintf(LOGFILE, "Null configuration filename passed in\n");
-    exit(INVALID_CONFIG_FILE);
-  }
-  char *orig_conf_dir = getenv("HADOOP_SECURITY_CONF_DIR");
-  if (orig_conf_dir == NULL) {
-    if (default_conf_dir == NULL) {
-      fprintf(LOGFILE, "Null default configuration directory passed in\n");
-      exit(INVALID_CONFIG_FILE);
-    }
-    orig_conf_dir = default_conf_dir;
-  }
-  snprintf(conf_file_path, size, "%s/%s", orig_conf_dir, conf_file_name);
-}
-
 /**
  * Ensure that the configuration file and all of the containing directories
  * are only writable by root. Otherwise, an attacker can change the 

src/c++/task-controller/impl/configuration.h

@@ -16,15 +16,6 @@
  * limitations under the License.
  */
 
-/**
- * Get the full path of the configuration file.
- * Use $HADOOP_SECURITY_CONF_DIR for the configuration directory, and if
- * it's not set, use the default value in default_conf_dir.
- */
-void get_config_path(char* conf_file_path, int size,
-                     char* default_conf_dir,
-                     const char* conf_file_name);
-
 /**
  * Ensure that the configuration file and all of the containing directories
  * are only writable by root. Otherwise, an attacker can change the 

src/c++/task-controller/impl/main.c

@@ -80,11 +80,7 @@ int main(int argc, char **argv) {
   #error HADOOP_CONF_DIR must be defined
 #endif
 
-  char orig_conf_file[PATH_MAX + 1]; // realpath is limitted by PATH_MAX
-  orig_conf_file[PATH_MAX] = 0; // in case of snprintf error
-  get_config_path(orig_conf_file, PATH_MAX + 1,
-                  STRINGIFY(HADOOP_CONF_DIR),
-                  CONF_FILENAME);
+  char *orig_conf_file = STRINGIFY(HADOOP_CONF_DIR) "/" CONF_FILENAME;
   char *conf_file = realpath(orig_conf_file, NULL);
 
   if (conf_file == NULL) {

src/c++/task-controller/test/test-task-controller.c

@@ -281,27 +281,6 @@ void test_check_user() {
   }
 }
 
-void test_get_config_path() {
-  printf("\nTesting get_config_path\n");
-  char conf_file_1[PATH_MAX];
-  char conf_file_2[PATH_MAX];
-  get_config_path(conf_file_1, PATH_MAX, TEST_ROOT, "test.cfg");
-  char *conf_dir = getenv("HADOOP_SECURITY_CONF_DIR");
-  if (conf_dir == NULL) {
-    if (strcmp(conf_file_1, TEST_ROOT "/test.cfg") != 0) {
-      printf("FAIL: got wrong configuration file path\n");
-      exit(1);
-    }
-  }
-  else {
-    snprintf(conf_file_2, PATH_MAX, "%s/%s", conf_dir, "test.cfg");
-    if (strcmp(conf_file_1, conf_file_2) != 0) {
-      printf("FAIL: got wrong configuration file path\n");
-      exit(1);
-    }
-  }
-}
-
 void test_check_configuration_permissions() {
   printf("\nTesting check_configuration_permissions\n");
   if (check_configuration_permissions("/etc/passwd") != 0) {
@@ -843,8 +822,6 @@ int main(int argc, char **argv) {
   printf("\nTesting get_job_log_dir()\n");
   test_get_job_log_dir();
 
-  test_get_config_path();
-
   test_check_configuration_permissions();
 
   printf("\nTesting get_task_log_dir()\n");