Example 11 with SuppressForbidden
use of org.elasticsearch.common.SuppressForbidden in project elasticsearch by elastic.
the class Security method getPluginPermissions.
/**
* Sets properties (codebase URLs) for policy files.
* we look for matching plugins and set URLs to fit
*/
@SuppressForbidden(reason = "proper use of URL")
static Map<String, Policy> getPluginPermissions(Environment environment) throws IOException, NoSuchAlgorithmException {
Map<String, Policy> map = new HashMap<>();
// collect up lists of plugins and modules
List<Path> pluginsAndModules = new ArrayList<>();
if (Files.exists(environment.pluginsFile())) {
try (DirectoryStream<Path> stream = Files.newDirectoryStream(environment.pluginsFile())) {
for (Path plugin : stream) {
pluginsAndModules.add(plugin);
}
}
}
if (Files.exists(environment.modulesFile())) {
try (DirectoryStream<Path> stream = Files.newDirectoryStream(environment.modulesFile())) {
for (Path plugin : stream) {
pluginsAndModules.add(plugin);
}
}
}
// now process each one
for (Path plugin : pluginsAndModules) {
Path policyFile = plugin.resolve(PluginInfo.ES_PLUGIN_POLICY);
if (Files.exists(policyFile)) {
// first get a list of URLs for the plugins' jars:
// we resolve symlinks so map is keyed on the normalize codebase name
List<URL> codebases = new ArrayList<>();
try (DirectoryStream<Path> jarStream = Files.newDirectoryStream(plugin, "*.jar")) {
for (Path jar : jarStream) {
codebases.add(jar.toRealPath().toUri().toURL());
}
}
// parse the plugin's policy file into a set of permissions
Policy policy = readPolicy(policyFile.toUri().toURL(), codebases.toArray(new URL[codebases.size()]));
// consult this policy for each of the plugin's jars:
for (URL url : codebases) {
if (map.put(url.getFile(), policy) != null) {
// just be paranoid ok?
throw new IllegalStateException("per-plugin permissions already granted for jar file: " + url);
}
}
}
}
return Collections.unmodifiableMap(map);
}Example 12 with SuppressForbidden
use of org.elasticsearch.common.SuppressForbidden in project elasticsearch by elastic.
the class ESFileStore method getFileStoreWindows.
/**
* remove this code and just use getFileStore for windows on java 9
* works around https://bugs.openjdk.java.net/browse/JDK-8034057
*/
@SuppressForbidden(reason = "works around https://bugs.openjdk.java.net/browse/JDK-8034057")
static FileStore getFileStoreWindows(Path path, FileStore[] fileStores) throws IOException {
assert Constants.WINDOWS;
try {
return Files.getFileStore(path);
} catch (FileSystemException possibleBug) {
final char driveLetter;
// if something goes wrong, we just deliver the original exception
try {
String root = path.toRealPath().getRoot().toString();
if (root.length() < 2) {
throw new RuntimeException("root isn't a drive letter: " + root);
}
driveLetter = Character.toLowerCase(root.charAt(0));
if (Character.isAlphabetic(driveLetter) == false || root.charAt(1) != ':') {
throw new RuntimeException("root isn't a drive letter: " + root);
}
} catch (Exception checkFailed) {
// something went wrong,
possibleBug.addSuppressed(checkFailed);
throw possibleBug;
}
// we have a drive letter: the hack begins!!!!!!!!
try {
// we have no choice but to parse toString of all stores and find the matching drive letter
for (FileStore store : fileStores) {
String toString = store.toString();
int length = toString.length();
if (length > 3 && toString.endsWith(":)") && toString.charAt(length - 4) == '(') {
if (Character.toLowerCase(toString.charAt(length - 3)) == driveLetter) {
return store;
}
}
}
throw new RuntimeException("no filestores matched");
} catch (Exception weTried) {
IOException newException = new IOException("Unable to retrieve filestore for '" + path + "', tried matching against " + Arrays.toString(fileStores), weTried);
newException.addSuppressed(possibleBug);
throw newException;
}
}
}
Also used :
FileStore(java.nio.file.FileStore)
FileSystemException(java.nio.file.FileSystemException)
IOException(java.io.IOException)
FileSystemException(java.nio.file.FileSystemException)
IOException(java.io.IOException)
SuppressForbidden(org.elasticsearch.common.SuppressForbidden)
Example 13 with SuppressForbidden
use of org.elasticsearch.common.SuppressForbidden in project elasticsearch by elastic.
the class ESFileStore method getMatchingFileStore.
/**
* Files.getFileStore(Path) useless here! Don't complain, just try it yourself.
*/
@SuppressForbidden(reason = "works around the bugs")
static FileStore getMatchingFileStore(Path path, FileStore[] fileStores) throws IOException {
if (Constants.WINDOWS) {
return getFileStoreWindows(path, fileStores);
}
final FileStore store;
try {
store = Files.getFileStore(path);
} catch (IOException unexpected) {
// give a better error message if a filestore cannot be retrieved from inside a FreeBSD jail.
if (Constants.FREE_BSD) {
throw new IOException("Unable to retrieve mount point data for " + path + ". If you are running within a jail, set enforce_statfs=1. See jail(8)", unexpected);
} else {
throw unexpected;
}
}
try {
String mount = getMountPointLinux(store);
FileStore sameMountPoint = null;
for (FileStore fs : fileStores) {
if (mount.equals(getMountPointLinux(fs))) {
if (sameMountPoint == null) {
sameMountPoint = fs;
} else {
// fall back to crappy one we got from Files.getFileStore
return store;
}
}
}
if (sameMountPoint != null) {
// ok, we found only one, use it:
return sameMountPoint;
} else {
// fall back to crappy one we got from Files.getFileStore
return store;
}
} catch (Exception e) {
// ignore
}
// fall back to crappy one we got from Files.getFileStore
return store;
}
Also used :
FileStore(java.nio.file.FileStore)
IOException(java.io.IOException)
FileSystemException(java.nio.file.FileSystemException)
IOException(java.io.IOException)
SuppressForbidden(org.elasticsearch.common.SuppressForbidden)
Example 14 with SuppressForbidden
use of org.elasticsearch.common.SuppressForbidden in project elasticsearch by elastic.
the class BenchmarkMain method main.
@SuppressForbidden(reason = "system out is ok for a command line tool")
public static void main(String[] args) throws Exception {
String type = args[0];
AbstractBenchmark<?> benchmark = null;
switch(type) {
case "transport":
benchmark = new TransportClientBenchmark();
break;
case "rest":
benchmark = new RestClientBenchmark();
break;
default:
System.err.println("Unknown client type [" + type + "]");
System.exit(1);
}
benchmark.run(Arrays.copyOfRange(args, 1, args.length));
}
Also used :
TransportClientBenchmark(org.elasticsearch.client.benchmark.transport.TransportClientBenchmark)
RestClientBenchmark(org.elasticsearch.client.benchmark.rest.RestClientBenchmark)
SuppressForbidden(org.elasticsearch.common.SuppressForbidden)
Example 15 with SuppressForbidden
use of org.elasticsearch.common.SuppressForbidden in project elasticsearch by elastic.
the class BenchmarkRunner method run.
@SuppressForbidden(reason = "system out is ok for a command line tool")
public void run() {
SampleRecorder recorder = new SampleRecorder(iterations);
System.out.printf("Running %s with %d warmup iterations and %d iterations.%n", task.getClass().getSimpleName(), warmupIterations, iterations);
try {
task.setUp(recorder);
task.run();
task.tearDown();
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
return;
} catch (Exception ex) {
throw new RuntimeException(ex);
}
List<Sample> samples = recorder.getSamples();
final List<Metrics> summaryMetrics = MetricsCalculator.calculate(samples);
if (summaryMetrics.isEmpty()) {
System.out.println("No results.");
}
for (Metrics metrics : summaryMetrics) {
String throughput = String.format(Locale.ROOT, "Throughput [ops/s]: %f", metrics.throughput);
String serviceTimes = String.format(Locale.ROOT, "Service time [ms]: p50 = %f, p90 = %f, p95 = %f, p99 = %f, p99.9 = %f, p99.99 = %f", metrics.serviceTimeP50, metrics.serviceTimeP90, metrics.serviceTimeP95, metrics.serviceTimeP99, metrics.serviceTimeP999, metrics.serviceTimeP9999);
String latencies = String.format(Locale.ROOT, "Latency [ms]: p50 = %f, p90 = %f, p95 = %f, p99 = %f, p99.9 = %f, p99.99 = %f", metrics.latencyP50, metrics.latencyP90, metrics.latencyP95, metrics.latencyP99, metrics.latencyP999, metrics.latencyP9999);
int lineLength = Math.max(serviceTimes.length(), latencies.length());
System.out.println(repeat(lineLength, '-'));
System.out.println(throughput);
System.out.println(serviceTimes);
System.out.println(latencies);
System.out.printf("success count = %d, error count = %d%n", metrics.successCount, metrics.errorCount);
System.out.println(repeat(lineLength, '-'));
}
}
Also used :
Metrics(org.elasticsearch.client.benchmark.metrics.Metrics)
Sample(org.elasticsearch.client.benchmark.metrics.Sample)
SampleRecorder(org.elasticsearch.client.benchmark.metrics.SampleRecorder)
SuppressForbidden(org.elasticsearch.common.SuppressForbidden)
Aggregations
SuppressForbidden (org.elasticsearch.common.SuppressForbidden)23
URL (java.net.URL)12
IOException (java.io.IOException)9
Path (java.nio.file.Path)8
InputStream (java.io.InputStream)5
FilePermission (java.io.FilePermission)4
URISyntaxException (java.net.URISyntaxException)4
BufferedReader (java.io.BufferedReader)3
InputStreamReader (java.io.InputStreamReader)3
URLConnection (java.net.URLConnection)3
Policy (java.security.Policy)3
HashMap (java.util.HashMap)3
UncheckedIOException (java.io.UncheckedIOException)2
FileStore (java.nio.file.FileStore)2
FileSystemException (java.nio.file.FileSystemException)2
Principal (java.security.Principal)2
ArrayList (java.util.ArrayList)2
HashSet (java.util.HashSet)2
ZipInputStream (java.util.zip.ZipInputStream)2
Subject (javax.security.auth.Subject)2
