From c2852d9d8b1ffb3aa5de58e60ee6b5165018f1a4 Mon Sep 17 00:00:00 2001
From: Koji Kawamura <ijokarumawak@apache.org>
Date: Mon, 6 Nov 2017 14:42:44 +0900
Subject: [PATCH] NIFI-4570: Skip permission setting if Posix is not supported

---
 .../org/apache/nifi/bootstrap/RunNiFi.java    | 28 ++++++++++++-------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/nifi-bootstrap/src/main/java/org/apache/nifi/bootstrap/RunNiFi.java b/nifi-bootstrap/src/main/java/org/apache/nifi/bootstrap/RunNiFi.java
index 87027ccd7a61..2a0e36e71b08 100644
--- a/nifi-bootstrap/src/main/java/org/apache/nifi/bootstrap/RunNiFi.java
+++ b/nifi-bootstrap/src/main/java/org/apache/nifi/bootstrap/RunNiFi.java
@@ -34,6 +34,7 @@
 import java.net.Socket;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.FileAlreadyExistsException;
+import java.nio.file.FileSystems;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -1185,17 +1186,24 @@ private void writeSensitiveKeyFile(Map<String, String> props, Path sensitiveKeyF
     private Path createSensitiveKeyFile(File confDir) {
         Path sensitiveKeyFile = Paths.get(confDir+"/sensitive.key");
 
+        final boolean isPosixSupported = FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
         try {
-            // Initially create file with the empty permission set (so nobody can get a file descriptor on it):
-            Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>();
-            FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms);
-            sensitiveKeyFile = Files.createFile(sensitiveKeyFile, attr);
-
-            // Then, once created, add owner-only rights:
-            perms.add(PosixFilePermission.OWNER_WRITE);
-            perms.add(PosixFilePermission.OWNER_READ);
-            attr = PosixFilePermissions.asFileAttribute(perms);
-            Files.setPosixFilePermissions(sensitiveKeyFile, perms);
+            if (isPosixSupported) {
+                // Initially create file with the empty permission set (so nobody can get a file descriptor on it):
+                Set<PosixFilePermission> perms = new HashSet<PosixFilePermission>();
+                FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms);
+                sensitiveKeyFile = Files.createFile(sensitiveKeyFile, attr);
+
+                // Then, once created, add owner-only rights:
+                perms.add(PosixFilePermission.OWNER_WRITE);
+                perms.add(PosixFilePermission.OWNER_READ);
+                attr = PosixFilePermissions.asFileAttribute(perms);
+                Files.setPosixFilePermissions(sensitiveKeyFile, perms);
+            } else {
+                // If Posix is not supported (e.g. Windows) then create the key file without permission settings.
+                cmdLogger.info("Current file system does not support Posix, using default permission settings.");
+                sensitiveKeyFile = Files.createFile(sensitiveKeyFile);
+            }
 
         } catch (final FileAlreadyExistsException faee) {
             cmdLogger.error("The sensitive.key file {} already exists. That shouldn't have been. Aborting.", sensitiveKeyFile);