rocksdb

Go to file

Imanol-Mikel Barba Sabariego 04191e1c5d Adding safer permissions to PosixFilesystem::NewLogger (#8106 )

Summary:
We have observed rocksdb databases creating info log files with world-writeable permissions.

The reason why the file is created like so is because stdio streams opened with fopen calls use mode 0666, and while normally most systems have a umask of 022, in some occasions (for instance, while running daemons), you may find that the application is running with a less restrictive umask. The result is that when opening the DB, the LOG file would be created with world-writeable perms:

```
$ ls -lh db/
total 6.4M
-rw-r--r-- 1 ibarba users  115 Mar 24 17:41 000004.log
-rw-r--r-- 1 ibarba users   16 Mar 24 17:41 CURRENT
-rw-r--r-- 1 ibarba users   37 Mar 24 17:41 IDENTITY
-rw-r--r-- 1 ibarba users    0 Mar 24 17:41 LOCK
-rw-rw-r-- 1 ibarba users 114K Mar 24 17:41 LOG
-rw-r--r-- 1 ibarba users  514 Mar 24 17:41 MANIFEST-000003
-rw-r--r-- 1 ibarba users  31K Mar 24 17:41 OPTIONS-000018
-rw-r--r-- 1 ibarba users  31K Mar 24 17:41 OPTIONS-000020
```

This diff replaces the fopen call with a regular open() call restricting mode, and then using fdopen to associate an stdio stream with that file descriptor. Resulting in the following files being created:

```
-rw-r--r-- 1 ibarba users   58 Mar 24 18:16 000004.log
-rw-r--r-- 1 ibarba users   16 Mar 24 18:16 CURRENT
-rw-r--r-- 1 ibarba users   37 Mar 24 18:16 IDENTITY
-rw-r--r-- 1 ibarba users    0 Mar 24 18:16 LOCK
-rw-r--r-- 1 ibarba users 111K Mar 24 18:16 LOG
-rw-r--r-- 1 ibarba users  514 Mar 24 18:16 MANIFEST-000003
-rw-r--r-- 1 ibarba users  31K Mar 24 18:16 OPTIONS-000018
-rw-r--r-- 1 ibarba users  31K Mar 24 18:16 OPTIONS-000020
```

With the correct permissions

Pull Request resolved: https://github.com/facebook/rocksdb/pull/8106

Reviewed By: akankshamahajan15

Differential Revision: D27415377

Pulled By: mrambacher

fbshipit-source-id: 97ac6c215700a7ea306f4a1fdf9fcf64a3cbb202

2021-03-29 20:47:21 -07:00

.circleci

Add circleci format_compatible nightly build (#7926 )

2021-02-09 20:48:53 -08:00

.github/workflows

Update clang-format-diff.py path (#7944 )

2021-02-09 12:49:38 -08:00

buckifier

range_tree requires GNU libc on ppc64 (#8070 )

2021-03-29 16:32:08 -07:00

build_tools

range_tree requires GNU libc on ppc64 (#8070 )

2021-03-29 16:32:08 -07:00

cache

Fix some typos in comments (#8066 )

2021-03-25 21:18:08 -07:00

cmake

Add find_dependency() in cmake config file. (#6791 )

2020-05-12 21:18:29 -07:00

coverage

Find the correct gcov (#6904 )

2020-06-01 16:33:05 -07:00

Compaction should not move data to up level (#8116 )

2021-03-29 17:10:42 -07:00

db_stress_tool

Add user-defined timestamps to db_stress (#8061 )

2021-03-23 05:13:30 -07:00

docs

Update github-pages and dependencies (#7850 )

2021-01-11 12:48:01 -08:00

env

Adding safer permissions to PosixFilesystem::NewLogger (#8106 )

2021-03-29 20:47:21 -07:00

examples

make:Fix c header prototypes (#7994 )

2021-03-09 20:44:23 -08:00

file

fix typo (#8118 )

2021-03-29 10:32:10 -07:00

fuzz

Remove Legacy and Custom FileWrapper classes from header files (#7851 )

2021-01-28 22:10:32 -08:00

hdfs

fix build with 'USE_HDFS' on windows (#6950 )

2020-06-12 16:21:50 -07:00

include/rocksdb

Fix comment spelling (#7960 )

2021-03-29 10:37:24 -07:00

java

Fix possible mistype in a comment (#8086 )

2021-03-23 12:37:24 -07:00

logging

Use SystemClock* instead of std::shared_ptr<SystemClock> in lower level routines (#8033 )

2021-03-15 04:34:11 -07:00

memory

Use thread-safe strerror_r() to get error message (#8087 )

2021-03-24 23:07:27 -07:00

memtable

Use SystemClock* instead of std::shared_ptr<SystemClock> in lower level routines (#8033 )

2021-03-15 04:34:11 -07:00

monitoring

Add the statistics and info log for Error handler (#8050 )

2021-03-17 22:38:13 -07:00

options

Use SystemClock* instead of std::shared_ptr<SystemClock> in lower level routines (#8033 )

2021-03-15 04:34:11 -07:00

plugin

Makefile support to statically link external plugin code (#7918 )

2021-02-10 08:35:34 -08:00

port

On ARM platform, use yield op to relax CPU. See issue 7376 (#7438 )

2021-03-26 18:13:24 -07:00

table

Apply sample_for_compression to all block-based tables (#8105 )

2021-03-25 15:00:45 -07:00

test_util

Add ROCKSDB_GTEST_BYPASS (#8048 )

2021-03-12 16:02:06 -08:00

third-party

Fix a compilation error in CircleCI vs2019 CXX20 (#8090 )

2021-03-23 10:28:04 -07:00

tools

Fix check in db_bench for num shard bits to match check in LRUCache (#8110 )

2021-03-29 10:34:54 -07:00

trace_replay

Fix clang analyze for trace replace GetPayload (#8121 )

2021-03-26 17:48:31 -07:00

util

Introduce a ThreadGuard class and use it in ExternalSSTFileTest.PickedLevelBug (#8112 )

2021-03-25 22:08:58 -07:00

utilities

Remove duplicate code (#8079 )

2021-03-22 12:29:21 -07:00

.clang-format

A script that automatically reformat affected lines

2014-01-14 12:21:24 -08:00

.gitignore

gitignore cmake-build-* for CLion integration (#7933 )

2021-02-19 13:43:15 -08:00

.lgtm.yml

Create lgtm.yml for LGTM.com C/C++ analysis (#4058 )

2018-06-26 12:43:04 -07:00

.travis.yml

use LIB_MODE=shared on Travis make commands (#8043 )

2021-03-08 17:21:24 -08:00

.watchmanconfig

Added .watchmanconfig file to rocksdb repo (#5593 )

2019-07-19 15:00:33 -07:00

appveyor.yml

Remove 2019 from appveyor (#7038 )

2020-06-29 14:31:41 -07:00

AUTHORS

Update RocksDB Authors File

2017-10-18 14:42:10 -07:00

CMakeLists.txt

Move compacted_db_impl.[c|h] to db/db_impl (#8082 )

2021-03-23 13:49:26 -07:00

CODE_OF_CONDUCT.md

Adopt Contributor Covenant

2019-08-29 23:21:01 -07:00

CONTRIBUTING.md

Add Code of Conduct

2017-12-05 18:42:35 -08:00

COPYING

Add GPLv2 as an alternative license.

2017-04-27 18:06:12 -07:00

DEFAULT_OPTIONS_HISTORY.md

options.delayed_write_rate use the rate of rate_limiter by default.

2017-05-24 09:58:24 -07:00

defs.bzl

Make testpilot recognize that these tests have coverage instrumentation

2020-03-20 11:23:23 -07:00

DUMP_FORMAT.md

First version of rocksdb_dump and rocksdb_undump.

2015-06-19 16:24:36 -07:00

HISTORY.md

Compaction should not move data to up level (#8116 )

2021-03-29 17:10:42 -07:00

INSTALL.md

Update the version of the dependencies used by the RocksJava static build (#4761 )

2018-12-18 20:25:43 -08:00

issue_template.md

Add Google Group to Issue Template

2020-01-28 14:40:37 -08:00

LANGUAGE-BINDINGS.md

Add RestoreDBFromLatestBackup to C API, add new C# package (#7092 )

2020-07-08 11:56:41 -07:00

LICENSE.Apache

Change RocksDB License

2017-07-15 16:11:23 -07:00

LICENSE.leveldb

Add back the LevelDB license file

2017-07-16 18:42:18 -07:00

Makefile

range_tree requires GNU libc on ppc64 (#8070 )

2021-03-29 16:32:08 -07:00

PLUGINS.md

Makefile support to statically link external plugin code (#7918 )

2021-02-10 08:35:34 -08:00

README.md

Fix the CI badge for ppc64le Jenkins (#7561 )

2020-10-16 09:00:56 -07:00

ROCKSDB_LITE.md

Fix some typos in comments and docs.

2018-03-08 10:27:25 -08:00

src.mk

range_tree requires GNU libc on ppc64 (#8070 )

2021-03-29 16:32:08 -07:00

TARGETS

Move compacted_db_impl.[c|h] to db/db_impl (#8082 )

2021-03-23 13:49:26 -07:00

thirdparty.inc

Fix build jemalloc api (#5470 )

2019-06-24 17:40:32 -07:00

USERS.md

Add Apache Doris to USERS (#7865 )

2021-01-19 15:31:56 -08:00

Vagrantfile

Adding CentOS 7 Vagrantfile & build script

2018-02-26 15:27:17 -08:00

WINDOWS_PORT.md

#5145 , rename port/dirent.h to port/port_dirent.h to avoid compile err when use port dir as header dir output (#5152 )

2019-04-04 11:38:19 -07:00

README.md

RocksDB: A Persistent Key-Value Store for Flash and RAM Storage

RocksDB is developed and maintained by Facebook Database Engineering Team. It is built on earlier work on LevelDB by Sanjay Ghemawat (sanjay@google.com) and Jeff Dean (jeff@google.com)

This code is a library that forms the core building block for a fast key-value server, especially suited for storing data on flash drives. It has a Log-Structured-Merge-Database (LSM) design with flexible tradeoffs between Write-Amplification-Factor (WAF), Read-Amplification-Factor (RAF) and Space-Amplification-Factor (SAF). It has multi-threaded compactions, making it especially suitable for storing multiple terabytes of data in a single database.

Start with example usage here: https://github.com/facebook/rocksdb/tree/master/examples

See the github wiki for more explanation.

The public interface is in include/. Callers should not include or rely on the details of any other header files in this package. Those internal APIs may be changed without warning.

Design discussions are conducted in https://www.facebook.com/groups/rocksdb.dev/ and https://rocksdb.slack.com/

License

RocksDB is dual-licensed under both the GPLv2 (found in the COPYING file in the root directory) and Apache 2.0 License (found in the LICENSE.Apache file in the root directory). You may select, at your option, one of the above-listed licenses.

Languages

C++ 82.1%

Java 10.3%

C 2.5%

Python 1.7%

Perl 1.1%

Other 2.1%