use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.
the class AwsS3ServiceImplTests method testAWSConfigurationWithAwsSettingsBackcompat.
public void testAWSConfigurationWithAwsSettingsBackcompat() {
Settings settings = Settings.builder().put(AwsS3Service.PROTOCOL_SETTING.getKey(), "http").put(AwsS3Service.PROXY_HOST_SETTING.getKey(), "aws_proxy_host").put(AwsS3Service.PROXY_PORT_SETTING.getKey(), 8080).put(AwsS3Service.PROXY_USERNAME_SETTING.getKey(), "aws_proxy_username").put(AwsS3Service.PROXY_PASSWORD_SETTING.getKey(), "aws_proxy_password").put(AwsS3Service.SIGNER_SETTING.getKey(), "AWS3SignerType").put(AwsS3Service.READ_TIMEOUT.getKey(), "10s").build();
launchAWSConfigurationTest(settings, Settings.EMPTY, Protocol.HTTP, "aws_proxy_host", 8080, "aws_proxy_username", "aws_proxy_password", "AWS3SignerType", 3, false, 10000);
assertSettingDeprecationsAndWarnings(new Setting<?>[] { AwsS3Service.PROXY_USERNAME_SETTING, AwsS3Service.PROXY_PASSWORD_SETTING, AwsS3Service.PROTOCOL_SETTING, AwsS3Service.PROXY_HOST_SETTING, AwsS3Service.PROXY_PORT_SETTING, AwsS3Service.SIGNER_SETTING, AwsS3Service.READ_TIMEOUT });
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.
the class AwsS3ServiceImplTests method testEndpointSetting.
public void testEndpointSetting() {
Settings settings = Settings.builder().put("s3.client.default.endpoint", "s3.endpoint").build();
assertEndpoint(generateRepositorySettings("repository_key", "repository_secret", null, null), settings, "s3.endpoint");
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.
the class EvilSecurityTests method testEnvironmentPaths.
/** test generated permissions for all configured paths */
// needs to check settings for deprecated path
@SuppressWarnings("deprecation")
public void testEnvironmentPaths() throws Exception {
Path path = createTempDir();
// make a fake ES home and ensure we only grant permissions to that.
Path esHome = path.resolve("esHome");
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.resolve("home").toString());
settingsBuilder.put(Environment.PATH_CONF_SETTING.getKey(), esHome.resolve("conf").toString());
settingsBuilder.put(Environment.PATH_SCRIPTS_SETTING.getKey(), esHome.resolve("scripts").toString());
settingsBuilder.putArray(Environment.PATH_DATA_SETTING.getKey(), esHome.resolve("data1").toString(), esHome.resolve("data2").toString());
settingsBuilder.put(Environment.PATH_SHARED_DATA_SETTING.getKey(), esHome.resolve("custom").toString());
settingsBuilder.put(Environment.PATH_LOGS_SETTING.getKey(), esHome.resolve("logs").toString());
settingsBuilder.put(Environment.PIDFILE_SETTING.getKey(), esHome.resolve("test.pid").toString());
Settings settings = settingsBuilder.build();
Path fakeTmpDir = createTempDir();
String realTmpDir = System.getProperty("java.io.tmpdir");
Permissions permissions;
Environment environment;
try {
System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
environment = new Environment(settings);
permissions = Security.createPermissions(environment);
} finally {
System.setProperty("java.io.tmpdir", realTmpDir);
}
// the fake es home
assertNoPermissions(esHome, permissions);
// its parent
assertNoPermissions(esHome.getParent(), permissions);
// some other sibling
assertNoPermissions(esHome.getParent().resolve("other"), permissions);
// double check we overwrote java.io.tmpdir correctly for the test
assertNoPermissions(PathUtils.get(realTmpDir), permissions);
// check that all directories got permissions:
// bin file: ro
assertExactPermissions(new FilePermission(environment.binFile().toString(), "read,readlink"), permissions);
// lib file: ro
assertExactPermissions(new FilePermission(environment.libFile().toString(), "read,readlink"), permissions);
// modules file: ro
assertExactPermissions(new FilePermission(environment.modulesFile().toString(), "read,readlink"), permissions);
// config file: ro
assertExactPermissions(new FilePermission(environment.configFile().toString(), "read,readlink"), permissions);
// scripts file: ro
assertExactPermissions(new FilePermission(environment.scriptsFile().toString(), "read,readlink"), permissions);
// plugins: ro
assertExactPermissions(new FilePermission(environment.pluginsFile().toString(), "read,readlink"), permissions);
// data paths: r/w
for (Path dataPath : environment.dataFiles()) {
assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
}
for (Path dataPath : environment.dataWithClusterFiles()) {
assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
}
assertExactPermissions(new FilePermission(environment.sharedDataFile().toString(), "read,readlink,write,delete"), permissions);
// logs: r/w
assertExactPermissions(new FilePermission(environment.logsFile().toString(), "read,readlink,write,delete"), permissions);
// temp dir: r/w
assertExactPermissions(new FilePermission(fakeTmpDir.toString(), "read,readlink,write,delete"), permissions);
// PID file: delete only (for the shutdown hook)
assertExactPermissions(new FilePermission(environment.pidFile().toString(), "delete"), permissions);
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.
the class EvilSecurityTests method testGeneratedPermissions.
/** test generated permissions */
public void testGeneratedPermissions() throws Exception {
Path path = createTempDir();
// make a fake ES home and ensure we only grant permissions to that.
Path esHome = path.resolve("esHome");
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.toString());
Settings settings = settingsBuilder.build();
Path fakeTmpDir = createTempDir();
String realTmpDir = System.getProperty("java.io.tmpdir");
Permissions permissions;
try {
System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
Environment environment = new Environment(settings);
permissions = Security.createPermissions(environment);
} finally {
System.setProperty("java.io.tmpdir", realTmpDir);
}
// the fake es home
assertNoPermissions(esHome, permissions);
// its parent
assertNoPermissions(esHome.getParent(), permissions);
// some other sibling
assertNoPermissions(esHome.getParent().resolve("other"), permissions);
// double check we overwrote java.io.tmpdir correctly for the test
assertNoPermissions(PathUtils.get(realTmpDir), permissions);
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.
the class EvilLoggerConfigurationTests method testLoggingLevelsFromSettings.
public void testLoggingLevelsFromSettings() throws IOException, UserException {
final Level rootLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
final Level fooLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
final Level barLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
final Path configDir = getDataPath("minimal");
final Settings settings = Settings.builder().put(Environment.PATH_CONF_SETTING.getKey(), configDir.toAbsolutePath()).put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).put("logger.level", rootLevel.name()).put("logger.foo", fooLevel.name()).put("logger.bar", barLevel.name()).build();
final Environment environment = new Environment(settings);
LogConfigurator.configure(environment);
final LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
final Configuration config = ctx.getConfiguration();
final Map<String, LoggerConfig> loggerConfigs = config.getLoggers();
assertThat(loggerConfigs.size(), equalTo(3));
assertThat(loggerConfigs, hasKey(""));
assertThat(loggerConfigs.get("").getLevel(), equalTo(rootLevel));
assertThat(loggerConfigs, hasKey("foo"));
assertThat(loggerConfigs.get("foo").getLevel(), equalTo(fooLevel));
assertThat(loggerConfigs, hasKey("bar"));
assertThat(loggerConfigs.get("bar").getLevel(), equalTo(barLevel));
assertThat(ctx.getLogger(randomAsciiOfLength(16)).getLevel(), equalTo(rootLevel));
}
Aggregations