Search in sources :

Example 11 with Settings

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.

the class AwsS3ServiceImplTests method testAWSConfigurationWithAwsSettingsBackcompat.

public void testAWSConfigurationWithAwsSettingsBackcompat() {
    Settings settings = Settings.builder().put(AwsS3Service.PROTOCOL_SETTING.getKey(), "http").put(AwsS3Service.PROXY_HOST_SETTING.getKey(), "aws_proxy_host").put(AwsS3Service.PROXY_PORT_SETTING.getKey(), 8080).put(AwsS3Service.PROXY_USERNAME_SETTING.getKey(), "aws_proxy_username").put(AwsS3Service.PROXY_PASSWORD_SETTING.getKey(), "aws_proxy_password").put(AwsS3Service.SIGNER_SETTING.getKey(), "AWS3SignerType").put(AwsS3Service.READ_TIMEOUT.getKey(), "10s").build();
    launchAWSConfigurationTest(settings, Settings.EMPTY, Protocol.HTTP, "aws_proxy_host", 8080, "aws_proxy_username", "aws_proxy_password", "AWS3SignerType", 3, false, 10000);
    assertSettingDeprecationsAndWarnings(new Setting<?>[] { AwsS3Service.PROXY_USERNAME_SETTING, AwsS3Service.PROXY_PASSWORD_SETTING, AwsS3Service.PROTOCOL_SETTING, AwsS3Service.PROXY_HOST_SETTING, AwsS3Service.PROXY_PORT_SETTING, AwsS3Service.SIGNER_SETTING, AwsS3Service.READ_TIMEOUT });
}
Also used : MockSecureSettings(org.elasticsearch.common.settings.MockSecureSettings) Settings(org.elasticsearch.common.settings.Settings)

Example 12 with Settings

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.

the class AwsS3ServiceImplTests method testEndpointSetting.

public void testEndpointSetting() {
    Settings settings = Settings.builder().put("s3.client.default.endpoint", "s3.endpoint").build();
    assertEndpoint(generateRepositorySettings("repository_key", "repository_secret", null, null), settings, "s3.endpoint");
}
Also used : MockSecureSettings(org.elasticsearch.common.settings.MockSecureSettings) Settings(org.elasticsearch.common.settings.Settings)

Example 13 with Settings

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.

the class EvilSecurityTests method testEnvironmentPaths.

/** test generated permissions for all configured paths */
// needs to check settings for deprecated path
@SuppressWarnings("deprecation")
public void testEnvironmentPaths() throws Exception {
    Path path = createTempDir();
    // make a fake ES home and ensure we only grant permissions to that.
    Path esHome = path.resolve("esHome");
    Settings.Builder settingsBuilder = Settings.builder();
    settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.resolve("home").toString());
    settingsBuilder.put(Environment.PATH_CONF_SETTING.getKey(), esHome.resolve("conf").toString());
    settingsBuilder.put(Environment.PATH_SCRIPTS_SETTING.getKey(), esHome.resolve("scripts").toString());
    settingsBuilder.putArray(Environment.PATH_DATA_SETTING.getKey(), esHome.resolve("data1").toString(), esHome.resolve("data2").toString());
    settingsBuilder.put(Environment.PATH_SHARED_DATA_SETTING.getKey(), esHome.resolve("custom").toString());
    settingsBuilder.put(Environment.PATH_LOGS_SETTING.getKey(), esHome.resolve("logs").toString());
    settingsBuilder.put(Environment.PIDFILE_SETTING.getKey(), esHome.resolve("test.pid").toString());
    Settings settings = settingsBuilder.build();
    Path fakeTmpDir = createTempDir();
    String realTmpDir = System.getProperty("java.io.tmpdir");
    Permissions permissions;
    Environment environment;
    try {
        System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
        environment = new Environment(settings);
        permissions = Security.createPermissions(environment);
    } finally {
        System.setProperty("java.io.tmpdir", realTmpDir);
    }
    // the fake es home
    assertNoPermissions(esHome, permissions);
    // its parent
    assertNoPermissions(esHome.getParent(), permissions);
    // some other sibling
    assertNoPermissions(esHome.getParent().resolve("other"), permissions);
    // double check we overwrote java.io.tmpdir correctly for the test
    assertNoPermissions(PathUtils.get(realTmpDir), permissions);
    // check that all directories got permissions:
    // bin file: ro
    assertExactPermissions(new FilePermission(environment.binFile().toString(), "read,readlink"), permissions);
    // lib file: ro
    assertExactPermissions(new FilePermission(environment.libFile().toString(), "read,readlink"), permissions);
    // modules file: ro
    assertExactPermissions(new FilePermission(environment.modulesFile().toString(), "read,readlink"), permissions);
    // config file: ro
    assertExactPermissions(new FilePermission(environment.configFile().toString(), "read,readlink"), permissions);
    // scripts file: ro
    assertExactPermissions(new FilePermission(environment.scriptsFile().toString(), "read,readlink"), permissions);
    // plugins: ro
    assertExactPermissions(new FilePermission(environment.pluginsFile().toString(), "read,readlink"), permissions);
    // data paths: r/w
    for (Path dataPath : environment.dataFiles()) {
        assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
    }
    for (Path dataPath : environment.dataWithClusterFiles()) {
        assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
    }
    assertExactPermissions(new FilePermission(environment.sharedDataFile().toString(), "read,readlink,write,delete"), permissions);
    // logs: r/w
    assertExactPermissions(new FilePermission(environment.logsFile().toString(), "read,readlink,write,delete"), permissions);
    // temp dir: r/w
    assertExactPermissions(new FilePermission(fakeTmpDir.toString(), "read,readlink,write,delete"), permissions);
    // PID file: delete only (for the shutdown hook)
    assertExactPermissions(new FilePermission(environment.pidFile().toString(), "delete"), permissions);
}
Also used : Path(java.nio.file.Path) Permissions(java.security.Permissions) Environment(org.elasticsearch.env.Environment) FilePermission(java.io.FilePermission) Settings(org.elasticsearch.common.settings.Settings)

Example 14 with Settings

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.

the class EvilSecurityTests method testGeneratedPermissions.

/** test generated permissions */
public void testGeneratedPermissions() throws Exception {
    Path path = createTempDir();
    // make a fake ES home and ensure we only grant permissions to that.
    Path esHome = path.resolve("esHome");
    Settings.Builder settingsBuilder = Settings.builder();
    settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.toString());
    Settings settings = settingsBuilder.build();
    Path fakeTmpDir = createTempDir();
    String realTmpDir = System.getProperty("java.io.tmpdir");
    Permissions permissions;
    try {
        System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
        Environment environment = new Environment(settings);
        permissions = Security.createPermissions(environment);
    } finally {
        System.setProperty("java.io.tmpdir", realTmpDir);
    }
    // the fake es home
    assertNoPermissions(esHome, permissions);
    // its parent
    assertNoPermissions(esHome.getParent(), permissions);
    // some other sibling
    assertNoPermissions(esHome.getParent().resolve("other"), permissions);
    // double check we overwrote java.io.tmpdir correctly for the test
    assertNoPermissions(PathUtils.get(realTmpDir), permissions);
}
Also used : Path(java.nio.file.Path) Permissions(java.security.Permissions) Environment(org.elasticsearch.env.Environment) Settings(org.elasticsearch.common.settings.Settings)

Example 15 with Settings

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.common.settings.Settings in project elasticsearch by elastic.

the class EvilLoggerConfigurationTests method testLoggingLevelsFromSettings.

public void testLoggingLevelsFromSettings() throws IOException, UserException {
    final Level rootLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
    final Level fooLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
    final Level barLevel = randomFrom(Level.TRACE, Level.DEBUG, Level.INFO, Level.WARN, Level.ERROR);
    final Path configDir = getDataPath("minimal");
    final Settings settings = Settings.builder().put(Environment.PATH_CONF_SETTING.getKey(), configDir.toAbsolutePath()).put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).put("logger.level", rootLevel.name()).put("logger.foo", fooLevel.name()).put("logger.bar", barLevel.name()).build();
    final Environment environment = new Environment(settings);
    LogConfigurator.configure(environment);
    final LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
    final Configuration config = ctx.getConfiguration();
    final Map<String, LoggerConfig> loggerConfigs = config.getLoggers();
    assertThat(loggerConfigs.size(), equalTo(3));
    assertThat(loggerConfigs, hasKey(""));
    assertThat(loggerConfigs.get("").getLevel(), equalTo(rootLevel));
    assertThat(loggerConfigs, hasKey("foo"));
    assertThat(loggerConfigs.get("foo").getLevel(), equalTo(fooLevel));
    assertThat(loggerConfigs, hasKey("bar"));
    assertThat(loggerConfigs.get("bar").getLevel(), equalTo(barLevel));
    assertThat(ctx.getLogger(randomAsciiOfLength(16)).getLevel(), equalTo(rootLevel));
}
Also used : Path(java.nio.file.Path) Configuration(org.apache.logging.log4j.core.config.Configuration) Environment(org.elasticsearch.env.Environment) Level(org.apache.logging.log4j.Level) Matchers.hasToString(org.hamcrest.Matchers.hasToString) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) LoggerContext(org.apache.logging.log4j.core.LoggerContext) Settings(org.elasticsearch.common.settings.Settings) LoggerConfig(org.apache.logging.log4j.core.config.LoggerConfig)

Aggregations

Settings (org.elasticsearch.common.settings.Settings)1248 Test (org.junit.Test)197 IndexSettings (org.elasticsearch.index.IndexSettings)167 IOException (java.io.IOException)133 Path (java.nio.file.Path)121 ClusterState (org.elasticsearch.cluster.ClusterState)120 ArrayList (java.util.ArrayList)108 ClusterSettings (org.elasticsearch.common.settings.ClusterSettings)106 HashMap (java.util.HashMap)105 DiscoveryNode (org.elasticsearch.cluster.node.DiscoveryNode)98 Version (org.elasticsearch.Version)91 Matchers.containsString (org.hamcrest.Matchers.containsString)91 Environment (org.elasticsearch.env.Environment)87 Map (java.util.Map)85 List (java.util.List)79 IndexMetaData (org.elasticsearch.cluster.metadata.IndexMetaData)72 Index (org.elasticsearch.index.Index)70 HashSet (java.util.HashSet)58 IndexMetadata (org.elasticsearch.cluster.metadata.IndexMetadata)54 ThreadPool (org.elasticsearch.threadpool.ThreadPool)54