/** Adds access to all configurable paths. */
static void addFilePermissions(Permissions policy, Environment environment) {
// read-only dirs
addPath(policy, Environment.PATH_HOME_SETTING.getKey(), environment.binFile(), "read,readlink");
addPath(policy, Environment.PATH_HOME_SETTING.getKey(), environment.libFile(), "read,readlink");
addPath(
policy, Environment.PATH_HOME_SETTING.getKey(), environment.modulesFile(), "read,readlink");
addPath(
policy, Environment.PATH_HOME_SETTING.getKey(), environment.pluginsFile(), "read,readlink");
addPath(
policy, Environment.PATH_CONF_SETTING.getKey(), environment.configFile(), "read,readlink");
addPath(
policy,
Environment.PATH_SCRIPTS_SETTING.getKey(),
environment.scriptsFile(),
"read,readlink");
// read-write dirs
addPath(policy, "java.io.tmpdir", environment.tmpFile(), "read,readlink,write,delete");
addPath(
policy,
Environment.PATH_LOGS_SETTING.getKey(),
environment.logsFile(),
"read,readlink,write,delete");
if (environment.sharedDataFile() != null) {
addPath(
policy,
Environment.PATH_SHARED_DATA_SETTING.getKey(),
environment.sharedDataFile(),
"read,readlink,write,delete");
}
for (Path path : environment.dataFiles()) {
addPath(policy, Environment.PATH_DATA_SETTING.getKey(), path, "read,readlink,write,delete");
}
// TODO: this should be removed in ES 6.0! We will no longer support data paths with the cluster
// as a folder
assert Version.CURRENT.major < 6 : "cluster name is no longer used in data path";
for (Path path : environment.dataWithClusterFiles()) {
addPathIfExists(
policy, Environment.PATH_DATA_SETTING.getKey(), path, "read,readlink,write,delete");
}
for (Path path : environment.repoFiles()) {
addPath(policy, Environment.PATH_REPO_SETTING.getKey(), path, "read,readlink,write,delete");
}
if (environment.pidFile() != null) {
// we just need permission to remove the file if its elsewhere.
policy.add(new FilePermission(environment.pidFile().toString(), "delete"));
}
}
/** returns dynamic Permissions to configured paths */
static void addFilePermissions(Permissions policy, Environment environment) throws IOException {
// read-only dirs
addPath(policy, "path.home", environment.binFile(), "read,readlink");
addPath(policy, "path.home", environment.libFile(), "read,readlink");
addPath(policy, "path.plugins", environment.pluginsFile(), "read,readlink");
addPath(policy, "path.conf", environment.configFile(), "read,readlink");
addPath(policy, "path.scripts", environment.scriptsFile(), "read,readlink");
// read-write dirs
addPath(policy, "java.io.tmpdir", environment.tmpFile(), "read,readlink,write,delete");
addPath(policy, "path.logs", environment.logsFile(), "read,readlink,write,delete");
if (environment.sharedDataFile() != null) {
addPath(
policy, "path.shared_data", environment.sharedDataFile(), "read,readlink,write,delete");
}
for (Path path : environment.dataFiles()) {
addPath(policy, "path.data", path, "read,readlink,write,delete");
}
for (Path path : environment.dataWithClusterFiles()) {
addPath(policy, "path.data", path, "read,readlink,write,delete");
}
for (Path path : environment.repoFiles()) {
addPath(policy, "path.repo", path, "read,readlink,write,delete");
}
if (environment.pidFile() != null) {
// we just need permission to remove the file if its elsewhere.
policy.add(new FilePermission(environment.pidFile().toString(), "delete"));
}
}
static {
// just like bootstrap, initialize natives, then SM
Bootstrap.initializeNatives(true, true);
// initialize probes
Bootstrap.initializeProbes();
// check for jar hell
try {
JarHell.checkJarHell();
} catch (Exception e) {
if (Boolean.parseBoolean(System.getProperty("tests.maven"))) {
throw new RuntimeException("found jar hell in test classpath", e);
} else {
Loggers.getLogger(BootstrapForTesting.class)
.warn(
"Your ide or custom test runner has jar hell issues, "
+ "you might want to look into that",
e);
}
}
// make sure java.io.tmpdir exists always (in case code uses it in a static initializer)
Path javaTmpDir =
PathUtils.get(
Objects.requireNonNull(
System.getProperty("java.io.tmpdir"), "please set ${java.io.tmpdir} in pom.xml"));
try {
Security.ensureDirectoryExists(javaTmpDir);
} catch (Exception e) {
throw new RuntimeException("unable to create test temp directory", e);
}
// install security manager if requested
if (systemPropertyAsBoolean("tests.security.manager", true)) {
try {
Security.setCodebaseProperties();
// if its an insecure plugin, its not easy to simulate here, since we don't have a real
// plugin install.
// we just do our best so unit testing can work. integration tests for such plugins are
// essential.
String artifact = System.getProperty("tests.artifact");
String insecurePluginProp = Security.INSECURE_PLUGINS.get(artifact);
if (insecurePluginProp != null) {
System.setProperty(insecurePluginProp, "file:/-");
}
// initialize paths the same exact way as bootstrap.
Permissions perms = new Permissions();
// add permissions to everything in classpath
for (URL url : JarHell.parseClassPath()) {
Path path = PathUtils.get(url.toURI());
// resource itself
perms.add(new FilePermission(path.toString(), "read,readlink"));
// classes underneath
perms.add(
new FilePermission(
path.toString() + path.getFileSystem().getSeparator() + "-", "read,readlink"));
// crazy jython...
String filename = path.getFileName().toString();
if (filename.contains("jython") && filename.endsWith(".jar")) {
// just enough so it won't fail when it does not exist
perms.add(new FilePermission(path.getParent().toString(), "read,readlink"));
perms.add(
new FilePermission(path.getParent().resolve("Lib").toString(), "read,readlink"));
}
}
// java.io.tmpdir
Security.addPath(perms, "java.io.tmpdir", javaTmpDir, "read,readlink,write,delete");
// custom test config file
if (Strings.hasLength(System.getProperty("tests.config"))) {
perms.add(new FilePermission(System.getProperty("tests.config"), "read,readlink"));
}
// jacoco coverage output file
if (Boolean.getBoolean("tests.coverage")) {
Path coverageDir = PathUtils.get(System.getProperty("tests.coverage.dir"));
perms.add(
new FilePermission(coverageDir.resolve("jacoco.exec").toString(), "read,write"));
// in case we get fancy and use the -integration goals later:
perms.add(
new FilePermission(coverageDir.resolve("jacoco-it.exec").toString(), "read,write"));
}
Policy.setPolicy(new ESPolicy(perms));
System.setSecurityManager(new TestSecurityManager());
Security.selfTest();
if (insecurePluginProp != null) {
// initialize the plugin class, in case it has one-time hacks (unit tests often won't do
// this)
String clazz = System.getProperty("tests.plugin.classname");
if (clazz == null) {
throw new IllegalStateException(
"plugin classname is needed for insecure plugin unit tests");
}
Class.forName(clazz);
}
} catch (Exception e) {
throw new RuntimeException("unable to install test security manager", e);
}
}
}
