Is there any method to create a file in java that cannot be deleted.
I have googled it and found processes involving the cmd.
However, I require a pure "java" way that can be done on any platform.
Thanks in advance.
Thank you for your help.
I finally got it right.
I used the following code to deny access to user
public static void main() throws IOException
{
Path file = Paths.get("c:/b.txt");
AclFileAttributeView aclAttr = Files.getFileAttributeView(file, AclFileAttributeView.class);
//System.out.println();
UserPrincipalLookupService upls = file.getFileSystem().getUserPrincipalLookupService();
UserPrincipal user = upls.lookupPrincipalByName(System.getProperty("user.name"));
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setPermissions(EnumSet.of(AclEntryPermission.APPEND_DATA, AclEntryPermission.DELETE, AclEntryPermission.DELETE_CHILD, AclEntryPermission.EXECUTE, AclEntryPermission.READ_ACL, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.READ_DATA, AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.SYNCHRONIZE, AclEntryPermission.WRITE_ACL, AclEntryPermission.WRITE_ATTRIBUTES, AclEntryPermission.WRITE_DATA, AclEntryPermission.WRITE_NAMED_ATTRS, AclEntryPermission.WRITE_OWNER));
builder.setPrincipal(user);
builder.setType(AclEntryType.DENY);
aclAttr.setAcl(Collections.singletonList(builder.build()));
}
Try the method setPosixFilePermissions() and set the permissions to read only for all the classes of users. Refer this - http://docs.oracle.com/javase/7/docs/api/java/nio/file/Files.html#setPosixFilePermissions%28java.nio.file.Path,%20java.util.Set%29
If you want to create a file that can't be accidentally overwritten, then look at the various answers to this: How do i programmatically change file permissions?
If you want to create a file that the current program cannot delete at all (but a privileged one could), it might be possible by setting permissions appropriately on the parent directory, or possibly using SELinux Mandatory Access Control cleverness.
If you want to create a truly undeleteable file, then you are out of luck. I am not aware of any operating system that supports creation of files that can never be deleted. It would be an "anti-feature".
I would also agree with #Teifi's comment. Create a file that cannot ever be deleted on the user's machine is not acceptable ... unless done by, or with the authorization of the system's administrators. I would call any software that did that "malicious" too.
Related
I need to create a log file in application directory. Currently I'm using hard-coded absolute path, like
public class Transformer
{
static String LOG_DIR = "ABSOLUTE_PATH_TO_THE_APPLICATION_DIRECTORY";
File log = new File(log_DIR, "log");
}
If someone else have my code, he will has to go the source code, change the LOG_DIR and then recompile. I just know a little about GNU make. My question is, how can I create a "installer" that works like:
./config
make install
and what's the standard/better way of achieving this?
Currently I have:
String path = Transformer.class.getProtectionDomain().getCodeSource().getLocation().getPath()
Best way to load application settings
With 2, I think I can use a shell script to generate a .properties file.
update
Sorry about the confusing "log file", but I actually mean a regular file, it just happen to containing some sort of log information.
You could define the "app.logs.dir" property on application start and refer to it in the log4j configuration:
main(String[] args) {
...
final String appRootDir = /* Detect app location. */;
System.setProperty("app.logs.dir", appRootDir);
// Now we can use the logger.
...
}
And in "log4j.properties":
log4j.appender.filelog.file=${app.logs.dir}/myapp.log
UPDATE
Option #1, the getProtectionDomain() one, might not work depending on the JVM's SecurityManager settings so the best way probably is option #2 - your installer script should store the application installation location in the application configuration file.
And to keep the number of component references low you can read the configuration file into System properties just like I showed above.
File log = new File(System.getProperty("app.logs.dir"), "log");
I have a Linux server and I'm running an image resize job in Java for multiple websites on my server. The website files are owned by different OS users/groups. Newly created thumbnails/previews are owned by the user running the resize job. Now I was googleing around how to change the file owner of newly created previews/thumbnails in my resize program and came across this:
java.nio.file.Files.setOwner(Path path, UserPrincipal owner);
This would really solve my problem if it was Windows, but since a Linux file has a user and a group as owner I'm a bit in trouble. Unfortunately given method seems to only change the user ownership of the file. The group ownership remains with the group of the user running my Java resize job.
The websites are owned by different groups, so adding my resize job user to one group is no option. I also want to avoid system calls with ProcessBuilder and execute a chown on my files.
I do need to point out that the created files (preview/thumbnail) can be accessed via the website and it is not mission critical to change the group ownership, but I wanted it to be as clean as possible.
Any suggestions how I can change the group ownership of a file in Linux only using Java?
Thanks Jim Garrison for pointing me in the correct direction. Here the code, which finally solved the problem for me.
Retrieve the group owner of a file
File originalFile = new File("original.jpg"); // just as an example
GroupPrincipal group = Files.readAttributes(originalFile.toPath(), PosixFileAttributes.class, LinkOption.NOFOLLOW_LINKS).group();
Set the group owner of a file
File targetFile = new File("target.jpg");
Files.getFileAttributeView(targetFile.toPath(), PosixFileAttributeView.class, LinkOption.NOFOLLOW_LINKS).setGroup(group);
I missed a complete solution, here it comes (combination of other answers and comments):
Path p = Paths.get("your file's Path");
String group = "GROUP_NAME";
UserPrincipalLookupService lookupService = FileSystems.getDefault()
.getUserPrincipalLookupService();
GroupPrincipal group = lookupService.lookupPrincipalByGroupName(group);
Files.getFileAttributeView(p, PosixFileAttributeView.class,
LinkOption.NOFOLLOW_LINKS).setGroup(group);
Be aware that only the owner of a file can change its group and only to a group he is a member of...
Take a look at the package java.nio.file.attributes and classPosixFilePermissions. This is where you can manipulate group permissions.
The purpose of this response is to elevate one of the comments received in response to the original posting to a full response level, so that it is more prominently displayed.
Here is what worked for us:
// newUser and newGroup are strings.
UserPrincipalLookupService lookupService = FileSystems.getDefault().getUserPrincipalLookupService();
UserPrincipal userPrincipal = lookupService.lookupPrincipalByName(newUser);
GroupPrincipal groupPrincipal = lookupService.lookupPrincipalByGroupName(newgroup);
Files.setAttribute(filePath, "posix:owner", userPrincipal, LinkOption.NOFOLLOW_LINKS);
Files.setAttribute(filePath, "posix:group", groupPrincipal, LinkOption.NOFOLLOW_LINKS);
Additionally we had to run the Java program as a superuser.
I'm attempting to provide a StreamingResponse for files stored under Lifts resources/toserve directory, in order to authorize access for different users.
I can access an image for example with:
localhost:8080/classpath/images/test.jpg
But when I try and actually read the file using scala I keep getting file not found exceptions:
val file = new java.io.FileInputStream("/classpath/images/test.jpg")
Is there a specific method to reading files located on classpath?
Thanks in advance, much appreciated :)
To read resources from the toserve-directory you need to do a call like
LiftRules.getResource("/toserve/images/test.jpg")
If you try to use 'classpath' instead of 'toserve' you will receive an empty box.
By default, Lift uses two different path-prefixes to locate resources either programmatically within the server or through a link-element from HTML. For the former, you will use the 'toserve'-prefix, for the latter the 'classpath'-prefix.
This behavior is specified in the objects net.liftweb.http.LiftRules and net.liftweb.http.ResourceServer. In particular, you can there specify (i.e. replace) the path to the resources. The relevant code is:
/** (from net.liftweb.http.ResourceServer)
* The base package for serving resources. This way, resource names can't be spoofed
*/
var baseResourceLocation = "toserve"
You might also want to look at the following method in LiftRules, which allows you to redefine the name used to serve resources through the server:
/** (from net.liftweb.http.LiftRules)
* The path to handle served resources
*/
#volatile var resourceServerPath = "classpath"
If you wish to use the same prefix to refer both to resources you can use either (or both) of these settings to achieve your purpose.
Have you tried:
LiftRules.getResource("/classpath/images/test.jpg")
That should return a java.net.URL to the item you are looking for.
This may also have more information on what you are looking to do: http://exploring.liftweb.net/master/index-9.html#lst:streaming-download
I need to set certain system variables from within the program. My Google fu is failing me in finding any way to do it. How do I do it? (I am okay with hacky approaches. I need to be able to run this app on Windows, Linux, and Mac.)
Edit:
Adding here my comment from below the post, as it isn't readily visible there:
The best link I could found was this, and it sets the variables only in memory. They do not persist after the program exit.
Edit:
I am writing an installer and need to somehow record at system level that installation happened (along with paths to some directories). The next time user runs the setup, the installer will check if the variables already exist in the system, in which case a user will be given an appropriate warning.
If twiddling with environment variables is not a good idea, what will be the best approach to achieve the above?
Use
following methods of system class
// Get a system property
String dir = System.getProperty("user.dir");
// Set a system property
String previousValue = System.setProperty("application.property", "newValue");
for more details reffer
http://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CF8QFjAA&url=http%3A%2F%2Fdocs.oracle.com%2Fjavase%2Ftutorial%2Fessential%2Fenvironment%2Fsysprop.html&ei=oHLgT6agKcborAf_3L3-DA&usg=AFQjCNGWSWRjk3ityPQqreuwx_O7Bp7kdg&sig2=Y1tfYzdXAmNX-hpB8Z64kw
If you want your environment variables to persist after your program ends, I would suggest you use the Properties class. It can be persisted to a file very easily, and vice versa.
First of all, Properties is a java class that is used to hold properties that maybe needed for your program. The basic properties that you are talking about are provided by the operating system. Not all of these can be changed. If you try, you will get a SecutrityException (You can't change the os.name for instance). The basic properties are read from the memory of the computer (basically) you can add additional variables to this by setting environment variables in the operating system you are using. Such as in Win95 you can add to the autoexec.bat the line:
set BARTENDER_NAME=Carl
This line can go in any batch file and BARTENDER_NAME will equal Carl until you reset it.
In your java program If you add the line
System.out.println(System.getProperty("BARTEDER_NAME"));
You'll get Carl as the output.
In the bash shell on Linux or Unix you'd use
BARTENDER_NAME=Carl
export BARTENDER_NAME
You can create your own set of properties for your java program and store them in a file and load them using the Properties load() method.
Hope this helps
from
http://www.coderanch.com/t/387634/java/java/Permanently-setting-System-property
Ok this is off the top of my head so it's extremely hacky and stuff.
Get hold of a process and run the command line command that will set the system variables. This isn't portable but it should suffice for short term till you find a better solution.
Because there is not a standard solution for this, I would recommend you to use a Factory Pattern for this. It means something like:
envManager = null
if system is Windows
`envManager = WindowsEnvManager`
else if system is Linux
`envManager = LinuxEnvManager`
else if system is Mac
`envManager = macEnvManager`
persistEnvironment(envManager);
and the persistEnvironment method would call the specific functions on EnvManager.
How about using Java Preferences API. That way you would store this kind of data in the Registry if you run on Windows. Simple tutorial here.
You can store the preferences per system or per user and the preferences are persistent as well as you desire.
Edit
Example:
package com.stackoverflow.Q11100967;
import java.util.prefs.Preferences;
/**
* #author maba, 2012-06-20
*/
public class App {
public static void main(String[] args) {
Preferences preferences = Preferences.systemNodeForPackage(App.class);
if (!preferences.getBoolean("installed", false)) {
// Install the stuff...
preferences.putBoolean("installed", true);
preferences.put("version", "1.2.3");
}
}
}
On Windows the preferences will be stored at HKEY_LOCAL_MACHINE/SOFTWARE/JavaSoft/Prefs/com/stackoverflow/Q11100967.
In order for this to work you have to run your process with admin privileges or a similar approach.
Edit2
On Linux the preferences would be stored at /etc/.java/.systemPrefs/com/stackoverflow/Q11100967/ in a file called prefs.xml with the following content:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE map SYSTEM "http://java.sun.com/dtd/preferences.dtd">
<map MAP_XML_VERSION="1.0">
<entry key="installed" value="true"/>
<entry key="version" value="1.2.3"/>
</map>
Is there any way to completely disable Java security manager?
I'm experimenting with source code of db4o. It uses reflection to persist objects and it seems that security manager doesn't allow reflection to read and write private or protected fields.
My code:
public static void main(String[] args) throws IOException {
System.out.println("start");
new File( DB_FILE_NAME ).delete();
ObjectContainer container = Db4o.openFile( DB_FILE_NAME );
String ob = new String( "test" );
container.store( ob );
ObjectSet result = container.queryByExample( String.class );
System.out.println( "retrieved (" + result.size() + "):" );
while( result.hasNext() ) {
System.out.println( result.next() );
}
container.close();
System.out.println("finish");
}
Output:
start
[db4o 7.4.68.12069 2009-04-18 00:21:30]
AccessibleObject#setAccessible() is not available. Private fields can not be stored.
retrieved (0):
finish
This thread suggests modifying java.policy file to allow reflection but it doesn't seem to work for me.
I'm starting JVM with arguments
-Djava.security.manager -Djava.security.policy==/home/pablo/.java.policy
so specified policy file will be the only policy file used
The file looks like this:
grant {
permission java.security.AllPermission;
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};
I spent last 3 hrs on this and don't have any ideas how to make this work.
Any help appreciated.
You could try adding this to the main() of your program:
System.setSecurityManager(null);
Worked for me for a "trusted" WebStart application when I was having security manager issues. Not sure if it will work for your db4o case, but it might be worth a try.
EDIT: I'm not suggesting that this is a general solution to security manager problems. I was just proposing it as a way to help debug the original poster's problem. Clearly, if you want to benefit from a security manager then you should not disable it.
Do you really have two '=' signs in your java.security.policy command line option? That won't work. Make sure you are setting the property as
-Djava.security.policy=/home/pablo/.java.policy
To actually disable the SecurityManager, simply leaving off the java.security.manager system property altogether should be enough.
Update: As I was reading the documentation for policy files to learn more about the "==" syntax, I noticed that unless the policy file is in the current working directory, it needs to be specified as a URL (including scheme). Have you tried prefixing the policy path with the "file:" scheme?
I was also puzzled because (assuming you are running as user "pablo"), it looks like that policy should be loaded by default from your home directory, so you shouldn't need to specify it at all. On the other hand, if you are not running as the user "pablo", maybe the file is not readable.
I found this example of how to make private fields and methods accessible to your code. Basically, it distills down to the use of Field.setAccessible(true) and Method.setAccessible(true)
Field example:
Field privateStringField = PrivateObject.class.
getDeclaredField("privateString");
privateStringField.setAccessible(true);
Method example:
Method privateStringMethod = PrivateObject.class.
getDeclaredMethod("getPrivateString", null);
privateStringMethod.setAccessible(true);
You could also look at using Groovy with your Java code as it (currently) circumvents much of the access level restrictions of Java code. Although, this message board posting seems to suggest this 'feature' may change in future versions of Groovy.