package org.apache.accumulo.server.init;

import com.beust.jcommander.Parameter;
import com.google.auto.service.AutoService;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.UUID;
import org.apache.accumulo.core.cli.Help;
import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.clientImpl.thrift.SecurityErrorCode;
import org.apache.accumulo.core.conf.DefaultConfiguration;
import org.apache.accumulo.core.conf.Property;
import org.apache.accumulo.core.conf.SiteConfiguration;
import org.apache.accumulo.core.data.InstanceId;
import org.apache.accumulo.core.fate.zookeeper.ZooReaderWriter;
import org.apache.accumulo.core.file.FileOperations;
import org.apache.accumulo.core.metadata.RootTable;
import org.apache.accumulo.core.singletons.SingletonManager;
import org.apache.accumulo.core.spi.fs.VolumeChooserEnvironment;
import org.apache.accumulo.core.util.Pair;
import org.apache.accumulo.core.volume.VolumeConfiguration;
import org.apache.accumulo.server.AccumuloDataVersion;
import org.apache.accumulo.server.ServerContext;
import org.apache.accumulo.server.ServerDirs;
import org.apache.accumulo.server.fs.VolumeChooserEnvironmentImpl;
import org.apache.accumulo.server.fs.VolumeManager;
import org.apache.accumulo.server.fs.VolumeManagerImpl;
import org.apache.accumulo.server.security.SecurityUtil;
import org.apache.accumulo.server.util.ChangeSecret;
import org.apache.accumulo.server.util.SystemPropUtil;
import org.apache.accumulo.start.spi.KeywordExecutable;
import org.apache.commons.lang3.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileStatus;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.permission.FsPermission;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.zookeeper.KeeperException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@SuppressFBWarnings(value = {"DM_EXIT"}, justification = "CLI utility can exit")
@AutoService({KeywordExecutable.class})
/* loaded from: input_file:org/apache/accumulo/server/init/Initialize.class */
public class Initialize implements KeywordExecutable {
    private static final Logger log = LoggerFactory.getLogger(Initialize.class);
    private static final String DEFAULT_ROOT_USER = "root";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/accumulo/server/init/Initialize$Opts.class */
    public static class Opts extends Help {

        @Parameter(names = {"--add-volumes"}, description = "Initialize any uninitialized volumes listed in instance.volumes")
        boolean addVolumes = false;

        @Parameter(names = {"--reset-security"}, description = "just update the security information, will prompt")
        boolean resetSecurity = false;

        @Parameter(names = {"-f", "--force"}, description = "force reset of the security information without prompting")
        boolean forceResetSecurity = false;

        @Parameter(names = {"--clear-instance-name"}, description = "delete any existing instance name without prompting")
        boolean clearInstanceName = false;

        @Parameter(names = {"--upload-accumulo-props"}, description = "Uploads properties in accumulo.properties to Zookeeper")
        boolean uploadAccumuloProps = false;

        @Parameter(names = {"--instance-name"}, description = "the instance name, if not provided, will prompt")
        String cliInstanceName = null;

        @Parameter(names = {"--password"}, description = "set the password on the command line")
        String cliPassword = null;

        @Parameter(names = {"-u", "--user"}, description = "the name of the user to grant system permissions to")
        String rootUser = null;
        byte[] rootpass = null;

        private Opts() {
        }
    }

    static void checkInit(ZooReaderWriter zooReaderWriter, VolumeManager volumeManager, InitialConfiguration initialConfiguration) throws IOException {
        log.info("Hadoop Filesystem is {}", FileSystem.getDefaultUri(initialConfiguration.getHadoopConf()));
        log.info("Accumulo data dirs are {}", List.of(initialConfiguration.getVolumeUris()));
        log.info("Zookeeper server is {}", initialConfiguration.get(Property.INSTANCE_ZK_HOST));
        log.info("Checking if Zookeeper is available. If this hangs, then you need to make sure zookeeper is running");
        if (!zookeeperAvailable(zooReaderWriter)) {
            throw new IllegalStateException("FATAL Zookeeper needs to be up and running in order to init. Exiting ...");
        }
        if (initialConfiguration.get(Property.INSTANCE_SECRET).equals(Property.INSTANCE_SECRET.getDefaultValue())) {
            System.out.println();
            System.out.println();
            System.out.println("Warning!!! Your instance secret is still set to the default, this is not secure. We highly recommend you change it.");
            System.out.println();
            System.out.println();
            System.out.println("You can change the instance secret in accumulo by using:");
            System.out.println("   bin/accumulo " + ChangeSecret.class.getName());
            System.out.println("You will also need to edit your secret in your configuration file by adding the property instance.secret to your accumulo.properties. Without this accumulo will not operate correctly");
        }
        if (isInitialized(volumeManager, initialConfiguration)) {
            printInitializeFailureMessages(initialConfiguration);
            throw new IOException("Filesystem is already initialized");
        }
    }

    private static void printInitializeFailureMessages(InitialConfiguration initialConfiguration) {
        log.error("It appears the directories {}", initialConfiguration.getVolumeUris() + " were previously initialized.");
        log.error("Change the property {} to use different volumes.", Property.INSTANCE_VOLUMES.getKey());
        log.error("The current value of {} is |{}|", Property.INSTANCE_VOLUMES.getKey(), initialConfiguration.get(Property.INSTANCE_VOLUMES));
    }

    private boolean doInit(ZooReaderWriter zooReaderWriter, Opts opts, VolumeManager volumeManager, InitialConfiguration initialConfiguration) {
        try {
            checkInit(zooReaderWriter, volumeManager, initialConfiguration);
            String instanceNamePath = getInstanceNamePath(zooReaderWriter, opts);
            String rootUserName = getRootUserName(initialConfiguration, opts);
            if (initialConfiguration.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) {
                opts.rootpass = UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8);
            } else {
                opts.rootpass = getRootPassword(initialConfiguration, opts, rootUserName);
            }
            String substring = instanceNamePath.substring(getInstanceNamePrefix().length());
            InstanceId of = InstanceId.of(UUID.randomUUID());
            ZooKeeperInitializer zooKeeperInitializer = new ZooKeeperInitializer();
            zooKeeperInitializer.initializeConfig(of, zooReaderWriter);
            try {
                ServerContext initialize = ServerContext.initialize(initialConfiguration.getSiteConf(), substring, of);
                try {
                    VolumeChooserEnvironmentImpl volumeChooserEnvironmentImpl = new VolumeChooserEnvironmentImpl(VolumeChooserEnvironment.Scope.INIT, RootTable.ID, null, initialize);
                    String path = new Path(volumeManager.choose(volumeChooserEnvironmentImpl, initialConfiguration.getVolumeUris()) + "/tables/" + RootTable.ID + "/" + "root_tablet" + "/00000_00000." + FileOperations.getNewFileExtension(DefaultConfiguration.getInstance())).toString();
                    zooKeeperInitializer.initialize(initialize, opts.clearInstanceName, instanceNamePath, "root_tablet", path);
                    if (!createDirs(volumeManager, of, initialConfiguration.getVolumeUris())) {
                        throw new IOException("Problem creating directories on " + volumeManager.getVolumes());
                    }
                    new FileSystemInitializer(initialConfiguration, zooReaderWriter, of).initialize(volumeManager, new Path(volumeManager.choose(volumeChooserEnvironmentImpl, initialConfiguration.getVolumeUris()) + "/tables/" + RootTable.ID + "/" + "root_tablet").toString(), path, initialize);
                    checkSASL(initialConfiguration);
                    initSecurity(initialize, opts, rootUserName);
                    checkUploadProps(initialize, initialConfiguration, opts);
                    if (initialize != null) {
                        initialize.close();
                    }
                    return true;
                } finally {
                }
            } catch (Exception e) {
                log.error("FATAL: Problem during initialize", e);
                return false;
            }
        } catch (Exception e2) {
            log.error("FATAL: Problem during initialize", e2);
            return false;
        }
    }

    private void checkUploadProps(ServerContext serverContext, InitialConfiguration initialConfiguration, Opts opts) {
        if (opts.uploadAccumuloProps) {
            log.info("Uploading properties in accumulo.properties to Zookeeper. Properties that cannot be set in Zookeeper will be skipped:");
            TreeMap treeMap = new TreeMap();
            initialConfiguration.getProperties(treeMap, str -> {
                return true;
            }, false);
            for (Map.Entry<String, String> entry : treeMap.entrySet()) {
                String key = entry.getKey();
                String value = entry.getValue();
                if (Property.isValidZooPropertyKey(key)) {
                    SystemPropUtil.setSystemProperty(serverContext, key, value);
                    log.info("Uploaded - {} = {}", key, Property.isSensitive(key) ? "<hidden>" : value);
                } else {
                    log.info("Skipped - {} = {}", key, Property.isSensitive(key) ? "<hidden>" : value);
                }
            }
        }
    }

    private void checkSASL(InitialConfiguration initialConfiguration) throws IOException, AccumuloSecurityException {
        if (initialConfiguration.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) {
            UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
            if (currentUser.hasKerberosCredentials()) {
                return;
            }
            String str = initialConfiguration.get(Property.GENERAL_KERBEROS_KEYTAB);
            String str2 = initialConfiguration.get(Property.GENERAL_KERBEROS_PRINCIPAL);
            if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
                log.error("FATAL: No Kerberos credentials provided, and Accumulo is not properly configured for server login");
                throw new AccumuloSecurityException(currentUser.getUserName(), SecurityErrorCode.BAD_CREDENTIALS);
            }
            log.info("Logging in as {} with {}", str2, str);
            UserGroupInformation.loginUserFromKeytab(str2, str);
        }
    }

    private static boolean zookeeperAvailable(ZooReaderWriter zooReaderWriter) {
        try {
            return zooReaderWriter.exists("/");
        } catch (KeeperException | InterruptedException e) {
            return false;
        }
    }

    private static boolean createDirs(VolumeManager volumeManager, InstanceId instanceId, Set<String> set) {
        try {
            for (String str : set) {
                log.debug("creating instance directories for base: {}", str);
                Path path = new Path(new Path(str, "version"), AccumuloDataVersion.get());
                FsPermission fsPermission = new FsPermission("700");
                if (volumeManager.exists(path)) {
                    FileStatus fileStatus = volumeManager.getFileStatus(path);
                    log.info("directory {} exists. Permissions match: {}", fileStatus.getPath(), Boolean.valueOf(fileStatus.getPermission().equals(fsPermission)));
                } else {
                    log.info("Directory {} created - call returned {}", path, Boolean.valueOf(volumeManager.mkdirs(path, fsPermission)));
                }
                Path path2 = new Path(str, "instance_id");
                if (volumeManager.exists(path2)) {
                    log.info("directory {} exists.", path2);
                } else {
                    log.info("Directory {} created - call returned {}", path2, Boolean.valueOf(volumeManager.mkdirs(path2)));
                }
                Path path3 = new Path(path2, instanceId.canonical());
                if (volumeManager.exists(path3)) {
                    log.info("InstanceID file {} exists.", path3);
                } else if (volumeManager.createNewFile(path3) && volumeManager.exists(path3)) {
                    log.info("Created instanceId file {} in hdfs", path3);
                } else {
                    log.warn("May have failed to create instanceId file {} in hdfs", path3);
                }
            }
            return true;
        } catch (IOException e) {
            log.error("Problem creating new directories", e);
            return false;
        }
    }

    private String getInstanceNamePrefix() {
        return "/accumulo/instances/";
    }

    private String getInstanceNamePath(ZooReaderWriter zooReaderWriter, Opts opts) throws KeeperException, InterruptedException {
        String str = null;
        boolean z = true;
        do {
            String readLine = opts.cliInstanceName == null ? System.console().readLine("Instance name : ", new Object[0]) : opts.cliInstanceName;
            if (readLine == null) {
                System.exit(0);
            }
            String trim = readLine.trim();
            if (!trim.isEmpty()) {
                str = getInstanceNamePrefix() + trim;
                if (opts.clearInstanceName) {
                    z = false;
                } else {
                    z = zooReaderWriter.exists(str);
                    if (z) {
                        String readLine2 = System.console().readLine("Instance name \"" + trim + "\" exists. Delete existing entry from zookeeper? [Y/N] : ", new Object[0]);
                        if (readLine2 == null) {
                            System.exit(0);
                        }
                        if (readLine2.length() == 1 && readLine2.toLowerCase(Locale.ENGLISH).charAt(0) == 'y') {
                            opts.clearInstanceName = true;
                            z = false;
                        }
                    }
                }
            }
        } while (z);
        return str;
    }

    private String getRootUserName(InitialConfiguration initialConfiguration, Opts opts) {
        String readLine;
        if (initialConfiguration.get(Property.GENERAL_KERBEROS_KEYTAB).equals(Property.GENERAL_KERBEROS_KEYTAB.getDefaultValue()) || !initialConfiguration.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) {
            return DEFAULT_ROOT_USER;
        }
        System.out.println("Running against secured HDFS");
        if (opts.rootUser != null) {
            return opts.rootUser;
        }
        do {
            readLine = System.console().readLine("Principal (user) to grant administrative privileges to : ", new Object[0]);
            if (readLine == null) {
                System.exit(1);
            }
        } while (readLine.isEmpty());
        return readLine;
    }

    private byte[] getRootPassword(InitialConfiguration initialConfiguration, Opts opts, String str) {
        String str2;
        String str3;
        if (opts.cliPassword != null) {
            return opts.cliPassword.getBytes(StandardCharsets.UTF_8);
        }
        do {
            char[] readPassword = System.console().readPassword("Enter initial password for " + str + getInitialPasswordWarning(initialConfiguration), new Object[0]);
            if (readPassword == null) {
                System.exit(0);
            }
            char[] readPassword2 = System.console().readPassword("Confirm initial password for " + str + ":", new Object[0]);
            if (readPassword2 == null) {
                System.exit(0);
            }
            str2 = new String(readPassword);
            str3 = new String(readPassword2);
            if (!str2.equals(str3)) {
                log.error("Passwords do not match");
            }
        } while (!str2.equals(str3));
        return str2.getBytes(StandardCharsets.UTF_8);
    }

    private String getInitialPasswordWarning(InitialConfiguration initialConfiguration) {
        Property property = Property.INSTANCE_SECURITY_AUTHENTICATOR;
        return initialConfiguration.get(property).equals(property.getDefaultValue()) ? ": " : " (this may not be applicable for your security setup): ";
    }

    private static void initSecurity(ServerContext serverContext, Opts opts, String str) throws AccumuloSecurityException {
        serverContext.getSecurityOperation().initializeSecurity(serverContext.rpcCreds(), str, opts.rootpass);
    }

    static boolean isInitialized(VolumeManager volumeManager, InitialConfiguration initialConfiguration) throws IOException {
        for (String str : initialConfiguration.getVolumeUris()) {
            if (volumeManager.exists(new Path(str, "instance_id")) || volumeManager.exists(new Path(str, "version"))) {
                return true;
            }
        }
        return false;
    }

    private static boolean addVolumes(VolumeManager volumeManager, InitialConfiguration initialConfiguration, ServerDirs serverDirs) {
        Configuration hadoopConf = initialConfiguration.getHadoopConf();
        Set<String> volumeUris = VolumeConfiguration.getVolumeUris(initialConfiguration.getSiteConf());
        Set<String> checkBaseUris = serverDirs.checkBaseUris(hadoopConf, volumeUris, true);
        HashSet hashSet = new HashSet(volumeUris);
        hashSet.removeAll(checkBaseUris);
        Path path = new Path(checkBaseUris.iterator().next());
        Path path2 = new Path(path, "instance_id");
        Path path3 = new Path(path, "version");
        InstanceId instanceIDFromHdfs = VolumeManager.getInstanceIDFromHdfs(path2, hadoopConf);
        Iterator<Pair<Path, Path>> it = serverDirs.getVolumeReplacements().iterator();
        while (it.hasNext()) {
            if (path.equals(it.next().getFirst())) {
                log.error("{} is set to be replaced in {} and should not appear in {}. It is highly recommended that this property be removed as data could still be written to this volume.", new Object[]{path, Property.INSTANCE_VOLUMES_REPLACEMENTS, Property.INSTANCE_VOLUMES});
            }
        }
        try {
            int accumuloPersistentVersion = serverDirs.getAccumuloPersistentVersion(path3.getFileSystem(hadoopConf), path3);
            if (accumuloPersistentVersion != AccumuloDataVersion.get()) {
                throw new IOException("Accumulo 3.0.0 cannot initialize data version " + accumuloPersistentVersion);
            }
            return createDirs(volumeManager, instanceIDFromHdfs, hashSet);
        } catch (IOException e) {
            log.error("Problem getting accumulo data version", e);
            return false;
        }
    }

    public String keyword() {
        return "init";
    }

    public KeywordExecutable.UsageGroup usageGroup() {
        return KeywordExecutable.UsageGroup.CORE;
    }

    public String description() {
        return "Initializes Accumulo";
    }

    public void execute(String[] strArr) {
        boolean z = true;
        Opts opts = new Opts();
        opts.parseArgs("accumulo init", strArr, new Object[0]);
        SiteConfiguration auto = SiteConfiguration.auto();
        ZooReaderWriter zooReaderWriter = new ZooReaderWriter(auto);
        SecurityUtil.serverLogin(auto);
        Configuration configuration = new Configuration();
        InitialConfiguration initialConfiguration = new InitialConfiguration(configuration, auto);
        ServerDirs serverDirs = new ServerDirs(auto, configuration);
        try {
            try {
                VolumeManager volumeManager = VolumeManagerImpl.get(auto, configuration);
                try {
                    if (opts.resetSecurity) {
                        z = resetSecurity(initialConfiguration, opts, volumeManager);
                    }
                    if (z && opts.addVolumes) {
                        z = addVolumes(volumeManager, initialConfiguration, serverDirs);
                    }
                    if (!opts.resetSecurity && !opts.addVolumes) {
                        z = doInit(zooReaderWriter, opts, volumeManager, initialConfiguration);
                    }
                    if (volumeManager != null) {
                        volumeManager.close();
                    }
                    SingletonManager.setMode(SingletonManager.Mode.CLOSED);
                    if (z) {
                        return;
                    }
                    System.exit(-1);
                } catch (Throwable th) {
                    if (volumeManager != null) {
                        try {
                            volumeManager.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (IOException e) {
                log.error("Problem trying to get Volume configuration", e);
                SingletonManager.setMode(SingletonManager.Mode.CLOSED);
                if (0 == 0) {
                    System.exit(-1);
                }
            }
        } catch (Throwable th3) {
            SingletonManager.setMode(SingletonManager.Mode.CLOSED);
            if (1 == 0) {
                System.exit(-1);
            }
            throw th3;
        }
    }

    private boolean resetSecurity(InitialConfiguration initialConfiguration, Opts opts, VolumeManager volumeManager) {
        String readLine;
        log.info("Resetting security on accumulo.");
        try {
            ServerContext serverContext = new ServerContext(initialConfiguration.getSiteConf());
            try {
                if (!isInitialized(volumeManager, initialConfiguration)) {
                    throw new IllegalStateException("FATAL: Attempted to reset security on accumulo before it was initialized");
                }
                if (!opts.forceResetSecurity && (readLine = System.console().readLine("WARNING: This will remove all users from Accumulo! If you wish to proceed enter the instance name: ", new Object[0])) != null && !serverContext.getInstanceName().equals(readLine)) {
                    throw new IllegalStateException("Aborted reset security: Instance name did not match current instance.");
                }
                String rootUserName = getRootUserName(initialConfiguration, opts);
                opts.rootpass = getRootPassword(initialConfiguration, opts, rootUserName);
                initSecurity(serverContext, opts, rootUserName);
                serverContext.close();
                return true;
            } finally {
            }
        } catch (Exception e) {
            log.error("Problem calling reset security", e);
            return false;
        }
    }

    public static void main(String[] strArr) {
        new Initialize().execute(strArr);
    }
}
