added some extra extended conf tests

DEVELOPMENT.md

@@ -172,7 +172,7 @@ mvn test -Dimage=$(cat build/<BASE OS>/coredb/.image-id-community) -Dadminimage=
    1. Select the "EnvFile" tab
    2. Make sure "Enable EnvFile" is checked.
    3. Click the `+` then click to add a `.env` file.
-   4. In the file selection box select `./build/<BASE OS>/devenv-enterprise.env` or `./build/<BASE OS>/devenv-community.env` depending on which one you want to test. If you do not have the `./tmp` directory, build the docker image and it will be created.
+   4. In the file selection box select `./build/<BASE OS>/devenv-enterprise.env` or `./build/<BASE OS>/devenv-community.env` depending on which one you want to test. If you do not have the `./build` directory, build the docker image and it will be created.
    5. Rebuilding the Neo4j image will regenerate the `.env` files, so you don't need to worry about keeping the environment up to date.
 
 You should now be able to run unit tests straight from the IDE.

build-docker-image.sh

@@ -75,8 +75,6 @@ function get_compatible_dockerfile_for_os_or_error
     fi
     echo >&2 "${IMAGE_OS} is not a supported operating system for ${version}."
     usage
-    DOCKERFILE_NAME
-
 }
 
 function tarball_name
@@ -167,12 +165,10 @@ cp "$(cached_tarball "${NEO4JVERSION}" "${NEO4JEDITION}")" ${COREDB_LOCALCXT_DIR
 
 # create coredb Dockerfile
 cp "${SRC_DIR}/${SERIES}/coredb/${DOCKERFILE_NAME}" "${COREDB_LOCALCXT_DIR}/Dockerfile"
-sed -i \
-    -e "s|%%NEO4J_SHA%%|${coredb_sha}|" \
-    -e "s|%%NEO4J_TARBALL%%|$(tarball_name "${NEO4JVERSION}" "${NEO4JEDITION}")|" \
-    -e "s|%%NEO4J_EDITION%%|${NEO4JEDITION}|" \
-    -e "s|%%NEO4J_DIST_SITE%%|${DISTRIBUTION_SITE}|" \
-    "${COREDB_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_SHA%%|${coredb_sha}|" "${COREDB_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_TARBALL%%|$(tarball_name "${NEO4JVERSION}" "${NEO4JEDITION}")|" "${COREDB_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_EDITION%%|${NEO4JEDITION}|" "${COREDB_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_DIST_SITE%%|${DISTRIBUTION_SITE}|" "${COREDB_LOCALCXT_DIR}/Dockerfile"
 
 # copy neo4j-admin sources
 mkdir -p ${ADMIN_LOCALCXT_DIR}/local-package
@@ -182,13 +178,10 @@ cp ${SRC_DIR}/${SERIES}/neo4j-admin/*.sh ${ADMIN_LOCALCXT_DIR}/local-package
 
 # create neo4j-admin Dockerfile
 cp "${SRC_DIR}/${SERIES}/neo4j-admin/${DOCKERFILE_NAME}" "${ADMIN_LOCALCXT_DIR}/Dockerfile"
-sed -i \
-    -e "s|%%NEO4J_SHA%%|${coredb_sha}|" \
-    -e "s|%%NEO4J_TARBALL%%|$(tarball_name ${NEO4JVERSION} ${NEO4JEDITION})|" \
-    -e "s|%%NEO4J_EDITION%%|${NEO4JEDITION}|" \
-    -e "s|%%NEO4J_DIST_SITE%%|${DISTRIBUTION_SITE}|" \
-    "${ADMIN_LOCALCXT_DIR}/Dockerfile"
-
+sed -i -e "s|%%NEO4J_SHA%%|${coredb_sha}|" "${ADMIN_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_TARBALL%%|$(tarball_name ${NEO4JVERSION} ${NEO4JEDITION})|" "${ADMIN_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_EDITION%%|${NEO4JEDITION}|" "${ADMIN_LOCALCXT_DIR}/Dockerfile"
+sed -i -e "s|%%NEO4J_DIST_SITE%%|${DISTRIBUTION_SITE}|" "${ADMIN_LOCALCXT_DIR}/Dockerfile"
 
 ## ==================================================================================
 ## Finally we are ready to do a docker build...
@@ -219,5 +212,6 @@ echo -n "${admin_image_tag}" > ${ADMIN_LOCALCXT_DIR}/../.image-id-"${NEO4JEDITIO
     echo "NEO4JADMIN_IMAGE=$(cat "${ADMIN_LOCALCXT_DIR}"/../.image-id-"${NEO4JEDITION}")"
     echo "NEO4J_EDITION=${NEO4JEDITION}"
     echo "NEO4J_SKIP_MOUNTED_FOLDER_TARBALLING=true"
-} > ${BUILD_DIR}/devenv-"${NEO4JEDITION}".env
+} > ${BUILD_DIR}/${IMAGE_OS}/devenv-"${NEO4JEDITION}".env
+ln -f ${BUILD_DIR}/${IMAGE_OS}/devenv-"${NEO4JEDITION}".env ${BUILD_DIR}/devenv-"${NEO4JEDITION}".env
 

docker-image-src/4.4/coredb/docker-entrypoint.sh

@@ -126,6 +126,7 @@ function load_plugin_from_location
   for filename in ${_location}; do
     echo "Installing Plugin '${_plugin_name}' from ${_location} to ${_destination}"
     cp --preserve "${filename}" "${_destination}"
+    chmod +rw ${_destination}
   done
 
   if ! is_readable "${_destination}"; then
@@ -287,7 +288,6 @@ function set_initial_password
             admin_user="${BASH_REMATCH[1]}"
             password="${BASH_REMATCH[2]}"
             do_reset="${BASH_REMATCH[3]}"
-            debug_msg "NEO4J_AUTH has been parsed as user \"${admin_user}\", password \"${password}\", do_reset \"${do_reset}\""
 
             if [ "${password}" == "neo4j" ]; then
                 echo >&2 "Invalid value for password. It cannot be 'neo4j', which is the default."

docker-image-src/5/coredb/docker-entrypoint.sh

@@ -126,6 +126,7 @@ function load_plugin_from_location
   for filename in ${_location}; do
     echo "Installing Plugin '${_plugin_name}' from ${_location} to ${_destination}"
     cp --preserve "${filename}" "${_destination}"
+    chmod +wr ${_destination}
   done
 
   if ! is_readable "${_destination}"; then
@@ -287,6 +288,8 @@ function add_env_setting_to_conf
 
 function set_initial_password
 {
+    # this has an inbuilt assumption that any configuration settings from the environment have already been applied to neo4j.conf
+    # This is for the logic to test whether password length is too short.
     local _neo4j_auth="${1}"
 
     # set the neo4j initial password only if you run the database server
@@ -298,13 +301,13 @@ function set_initial_password
             admin_user="${BASH_REMATCH[1]}"
             password="${BASH_REMATCH[2]}"
             do_reset="${BASH_REMATCH[3]}"
-            debug_msg "NEO4J_AUTH has been parsed as user \"${admin_user}\", password \"${password}\", do_reset \"${do_reset}\""
 
             if [ "${password}" == "neo4j" ]; then
                 echo >&2 "Invalid value for password. It cannot be 'neo4j', which is the default."
                 exit 1
             fi
-            if [ "${#password}" -lt 8 ]; then
+            local _min_password_length=$(cat "${NEO4J_HOME}"/conf/neo4j.conf | grep dbms.security.auth_minimum_password_length | sed -E 's/.*=(.*)/\1/')
+            if [ "${#password}" -lt "${_min_password_length:-"8"}" ]; then
                 echo >&2 "Invalid value for password. The minimum password length is 8 characters.
 If Neo4j fails to start, you can:
   1) Use a stronger password.

src/test/java/com/neo4j/docker/coredb/TestAdminReport.java

@@ -142,6 +142,42 @@ private void verifyCanWriteToMountedLocation(boolean asCurrentUser, String testF
         }
     }
 
+    @Test
+    void shouldErrorIfUserCannotWrite() throws Exception
+    {
+        try(GenericContainer container = createNeo4jContainer(true))
+        {
+            Path reportFolder = temporaryFolderManager.createTempFolderAndMountAsVolume(container,
+                                                                                        outputFolderNamePrefix,
+                                                                                        "/reports");
+            temporaryFolderManager.setFolderOwnerToNeo4j( reportFolder );
+            // now will be running as non root, and try to write to a folder owned by 7474
+            container.start();
+            Container.ExecResult execResult = container.execInContainer( "neo4j-admin-report", reportDestinationFlag, "/reports" );
+            Assertions.assertTrue( execResult.getStderr().contains( "Folder /reports is not accessible for user: " ),
+                                   "Did not error about incorrect file permissions" );
+        }
+    }
+
+    @ParameterizedTest(name = "mountPoint_{0}")
+    @ValueSource(strings = {"/tmp/reports", "/reports"})
+    void shouldReownMountedReportDestinationIfRootDoesNotOwn(String mountPoint) throws Exception
+    {
+        try(GenericContainer container = createNeo4jContainer(false))
+        {
+            Path reportFolder = temporaryFolderManager.createTempFolderAndMountAsVolume(container,
+                                                                                        outputFolderNamePrefix,
+                                                                                        mountPoint);
+            temporaryFolderManager.setFolderOwnerToCurrentUser( reportFolder );
+            // now will be running as root, and try to write to a folder owned by 1000
+            container.start();
+            Container.ExecResult execResult = container.execInContainer( "neo4j-admin-report", reportDestinationFlag, mountPoint );
+            Assertions.assertTrue( execResult.getStderr().isEmpty(),
+                                   "errors were encountered when trying to reown "+mountPoint+".\n"+execResult.getStderr());
+            verifyCreatesReport( reportFolder, execResult );
+        }
+    }
+
     @Test
     void shouldShowNeo4jAdminHelpText_whenCMD() throws Exception
     {