Example 51 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class EvilSecurityTests method testEnvironmentPaths.
/**
* test generated permissions for all configured paths
*/
// needs to check settings for deprecated path
@SuppressWarnings("deprecation")
@SuppressForbidden(reason = "to create FilePermission object")
public void testEnvironmentPaths() throws Exception {
Path path = createTempDir();
// make a fake ES home and ensure we only grant permissions to that.
Path esHome = path.resolve("esHome");
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.resolve("home").toString());
settingsBuilder.putList(Environment.PATH_DATA_SETTING.getKey(), esHome.resolve("data1").toString(), esHome.resolve("data2").toString());
settingsBuilder.put(Environment.PATH_SHARED_DATA_SETTING.getKey(), esHome.resolve("custom").toString());
settingsBuilder.put(Environment.PATH_LOGS_SETTING.getKey(), esHome.resolve("logs").toString());
settingsBuilder.put(Environment.NODE_PIDFILE_SETTING.getKey(), esHome.resolve("test.pid").toString());
Settings settings = settingsBuilder.build();
Path fakeTmpDir = createTempDir();
String realTmpDir = System.getProperty("java.io.tmpdir");
Permissions permissions;
Environment environment;
try {
System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
environment = new Environment(settings, esHome.resolve("conf"));
permissions = Security.createPermissions(environment);
} finally {
System.setProperty("java.io.tmpdir", realTmpDir);
}
// the fake es home
assertNoPermissions(esHome, permissions);
// its parent
assertNoPermissions(esHome.getParent(), permissions);
// some other sibling
assertNoPermissions(esHome.getParent().resolve("other"), permissions);
// double check we overwrote java.io.tmpdir correctly for the test
assertNoPermissions(PathUtils.get(realTmpDir), permissions);
// check that all directories got permissions:
// bin file: ro
assertExactPermissions(new FilePermission(environment.binFile().toString(), "read,readlink"), permissions);
// lib file: ro
assertExactPermissions(new FilePermission(environment.libFile().toString(), "read,readlink"), permissions);
// modules file: ro
assertExactPermissions(new FilePermission(environment.modulesFile().toString(), "read,readlink"), permissions);
// config file: ro
assertExactPermissions(new FilePermission(environment.configFile().toString(), "read,readlink"), permissions);
// plugins: ro
assertExactPermissions(new FilePermission(environment.pluginsFile().toString(), "read,readlink"), permissions);
// data paths: r/w
for (Path dataPath : environment.dataFiles()) {
assertExactPermissions(new FilePermission(dataPath.toString(), "read,readlink,write,delete"), permissions);
}
assertExactPermissions(new FilePermission(environment.sharedDataFile().toString(), "read,readlink,write,delete"), permissions);
// logs: r/w
assertExactPermissions(new FilePermission(environment.logsFile().toString(), "read,readlink,write,delete"), permissions);
// temp dir: r/w
assertExactPermissions(new FilePermission(fakeTmpDir.toString(), "read,readlink,write,delete"), permissions);
// PID file: delete only (for the shutdown hook)
assertExactPermissions(new FilePermission(environment.pidFile().toString(), "delete"), permissions);
}
Also used :
Path(java.nio.file.Path)
Permissions(java.security.Permissions)
Environment(org.opensearch.env.Environment)
TestEnvironment(org.opensearch.env.TestEnvironment)
Matchers.hasToString(org.hamcrest.Matchers.hasToString)
Matchers.containsString(org.hamcrest.Matchers.containsString)
FilePermission(java.io.FilePermission)
Settings(org.opensearch.common.settings.Settings)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Example 52 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class EvilLoggerTests method setupLogging.
private void setupLogging(final String config, final Settings settings) throws IOException, UserException {
assert !Environment.PATH_HOME_SETTING.exists(settings);
final Path configDir = getDataPath(config);
final Settings mergedSettings = Settings.builder().put(settings).put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).build();
// need to use custom config path so we can use a custom log4j2.properties file for the test
final Environment environment = new Environment(mergedSettings, configDir);
LogConfigurator.configure(environment);
}
Also used :
Path(java.nio.file.Path)
Environment(org.opensearch.env.Environment)
Settings(org.opensearch.common.settings.Settings)
Example 53 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class JsonLoggerTests method setupLogging.
private void setupLogging(final String config, final Settings settings) throws IOException, UserException {
assertFalse("Environment path.home variable should not be set", Environment.PATH_HOME_SETTING.exists(settings));
final Path configDir = getDataPath(config);
final Settings mergedSettings = Settings.builder().put(settings).put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).build();
// need to use custom config path so we can use a custom log4j2.properties file for the test
final Environment environment = new Environment(mergedSettings, configDir);
LogConfigurator.configure(environment);
}
Also used :
Path(java.nio.file.Path)
Environment(org.opensearch.env.Environment)
Settings(org.opensearch.common.settings.Settings)
Example 54 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class AnalysisTests method testParseWordList.
public void testParseWordList() throws IOException {
Path tempDir = createTempDir();
Path dict = tempDir.resolve("foo.dict");
Settings nodeSettings = Settings.builder().put("foo.bar_path", dict).put(Environment.PATH_HOME_SETTING.getKey(), tempDir).build();
try (BufferedWriter writer = Files.newBufferedWriter(dict, StandardCharsets.UTF_8)) {
writer.write("hello");
writer.write('\n');
writer.write("world");
writer.write('\n');
}
Environment env = TestEnvironment.newEnvironment(nodeSettings);
List<String> wordList = Analysis.getWordList(env, nodeSettings, "foo.bar");
assertEquals(Arrays.asList("hello", "world"), wordList);
}
Also used :
Path(java.nio.file.Path)
Environment(org.opensearch.env.Environment)
TestEnvironment(org.opensearch.env.TestEnvironment)
Settings(org.opensearch.common.settings.Settings)
BufferedWriter(java.io.BufferedWriter)
Example 55 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class RemoveCorruptedShardDataCommandTests method setup.
@Before
public void setup() throws IOException {
shardId = new ShardId("index0", UUIDs.randomBase64UUID(), 0);
final String nodeId = randomAlphaOfLength(10);
routing = TestShardRouting.newShardRouting(shardId, nodeId, true, ShardRoutingState.INITIALIZING, RecoverySource.EmptyStoreRecoverySource.INSTANCE);
final Path dataDir = createTempDir();
environment = TestEnvironment.newEnvironment(Settings.builder().put(Environment.PATH_HOME_SETTING.getKey(), dataDir).putList(Environment.PATH_DATA_SETTING.getKey(), dataDir.toAbsolutePath().toString()).build());
// create same directory structure as prod does
final Path path = NodeEnvironment.resolveNodePath(dataDir, 0);
Files.createDirectories(path);
dataPaths = new Path[] { path };
final Settings settings = Settings.builder().put(IndexMetadata.SETTING_VERSION_CREATED, Version.CURRENT).put(IndexMetadata.SETTING_NUMBER_OF_SHARDS, 1).put(MergePolicyConfig.INDEX_MERGE_ENABLED, false).put(IndexMetadata.SETTING_NUMBER_OF_REPLICAS, 0).put(IndexMetadata.SETTING_INDEX_UUID, shardId.getIndex().getUUID()).build();
final NodeEnvironment.NodePath nodePath = new NodeEnvironment.NodePath(path);
shardPath = new ShardPath(false, nodePath.resolve(shardId), nodePath.resolve(shardId), shardId);
final IndexMetadata.Builder metadata = IndexMetadata.builder(routing.getIndexName()).settings(settings).primaryTerm(0, randomIntBetween(1, 100)).putMapping("_doc", "{ \"properties\": {} }");
indexMetadata = metadata.build();
clusterState = ClusterState.builder(ClusterName.DEFAULT).metadata(Metadata.builder().put(indexMetadata, false).build()).build();
try (NodeEnvironment.NodeLock lock = new NodeEnvironment.NodeLock(0, logger, environment, Files::exists)) {
final Path[] dataPaths = Arrays.stream(lock.getNodePaths()).filter(Objects::nonNull).map(p -> p.path).toArray(Path[]::new);
try (PersistedClusterStateService.Writer writer = new PersistedClusterStateService(dataPaths, nodeId, xContentRegistry(), BigArrays.NON_RECYCLING_INSTANCE, new ClusterSettings(settings, ClusterSettings.BUILT_IN_CLUSTER_SETTINGS), () -> 0L).createWriter()) {
writer.writeFullStateAndCommit(1L, clusterState);
}
}
indexShard = newStartedShard(p -> newShard(routing, shardPath, indexMetadata, null, null, new InternalEngineFactory(), new EngineConfigFactory(new IndexSettings(indexMetadata, settings)), () -> {
}, RetentionLeaseSyncer.EMPTY, EMPTY_EVENT_LISTENER), true);
translogPath = shardPath.resolveTranslog();
indexPath = shardPath.resolveIndex();
}
Also used :
Path(java.nio.file.Path)
EngineException(org.opensearch.index.engine.EngineException)
Arrays(java.util.Arrays)
TranslogCorruptedException(org.opensearch.index.translog.TranslogCorruptedException)
Matchers.either(org.hamcrest.Matchers.either)
MockTerminal(org.opensearch.cli.MockTerminal)
Metadata(org.opensearch.cluster.metadata.Metadata)
TRUNCATE_CLEAN_TRANSLOG_FLAG(org.opensearch.index.shard.RemoveCorruptedShardDataCommand.TRUNCATE_CLEAN_TRANSLOG_FLAG)
CheckedFunction(org.opensearch.common.CheckedFunction)
Version(org.opensearch.Version)
OpenSearchException(org.opensearch.OpenSearchException)
Matcher(java.util.regex.Matcher)
OptionParser(joptsimple.OptionParser)
DummyShardLock(org.opensearch.test.DummyShardLock)
Path(java.nio.file.Path)
OptionSet(joptsimple.OptionSet)
NodeEnvironment(org.opensearch.env.NodeEnvironment)
Matchers.allOf(org.hamcrest.Matchers.allOf)
Set(java.util.Set)
Settings(org.opensearch.common.settings.Settings)
Store(org.opensearch.index.store.Store)
Matchers.startsWith(org.hamcrest.Matchers.startsWith)
Objects(java.util.Objects)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
EngineConfigFactory(org.opensearch.index.engine.EngineConfigFactory)
Matchers.equalTo(org.hamcrest.Matchers.equalTo)
IndexSettings(org.opensearch.index.IndexSettings)
Matchers.is(org.hamcrest.Matchers.is)
ShardRoutingHelper(org.opensearch.cluster.routing.ShardRoutingHelper)
Pattern(java.util.regex.Pattern)
BigArrays(org.opensearch.common.util.BigArrays)
Matchers.containsString(org.hamcrest.Matchers.containsString)
TestEnvironment(org.opensearch.env.TestEnvironment)
IndexMetadata(org.opensearch.cluster.metadata.IndexMetadata)
RecoverySource(org.opensearch.cluster.routing.RecoverySource)
BaseDirectoryWrapper(org.apache.lucene.store.BaseDirectoryWrapper)
PersistedClusterStateService(org.opensearch.gateway.PersistedClusterStateService)
ClusterState(org.opensearch.cluster.ClusterState)
ShardRoutingState(org.opensearch.cluster.routing.ShardRoutingState)
UUIDs(org.opensearch.common.UUIDs)
ClusterSettings(org.opensearch.common.settings.ClusterSettings)
CorruptionUtils(org.opensearch.test.CorruptionUtils)
Before(org.junit.Before)
Environment(org.opensearch.env.Environment)
InternalEngineFactory(org.opensearch.index.engine.InternalEngineFactory)
Terminal(org.opensearch.cli.Terminal)
Files(java.nio.file.Files)
TestTranslog(org.opensearch.index.translog.TestTranslog)
IOException(java.io.IOException)
ShardRouting(org.opensearch.cluster.routing.ShardRouting)
TestShardRouting(org.opensearch.cluster.routing.TestShardRouting)
ClusterName(org.opensearch.cluster.ClusterName)
MergePolicyConfig(org.opensearch.index.MergePolicyConfig)
RetentionLeaseSyncer(org.opensearch.index.seqno.RetentionLeaseSyncer)
ClusterSettings(org.opensearch.common.settings.ClusterSettings)
NodeEnvironment(org.opensearch.env.NodeEnvironment)
IndexSettings(org.opensearch.index.IndexSettings)
Matchers.containsString(org.hamcrest.Matchers.containsString)
EngineConfigFactory(org.opensearch.index.engine.EngineConfigFactory)
InternalEngineFactory(org.opensearch.index.engine.InternalEngineFactory)
Objects(java.util.Objects)
PersistedClusterStateService(org.opensearch.gateway.PersistedClusterStateService)
IndexMetadata(org.opensearch.cluster.metadata.IndexMetadata)
Files(java.nio.file.Files)
Settings(org.opensearch.common.settings.Settings)
IndexSettings(org.opensearch.index.IndexSettings)
ClusterSettings(org.opensearch.common.settings.ClusterSettings)
Before(org.junit.Before)
Aggregations
Environment (org.opensearch.env.Environment)142
TestEnvironment (org.opensearch.env.TestEnvironment)98
Path (java.nio.file.Path)80
Settings (org.opensearch.common.settings.Settings)79
Matchers.containsString (org.hamcrest.Matchers.containsString)69
Matchers.hasToString (org.hamcrest.Matchers.hasToString)40
NodeEnvironment (org.opensearch.env.NodeEnvironment)32
IOException (java.io.IOException)27
UserException (org.opensearch.cli.UserException)23
ClusterState (org.opensearch.cluster.ClusterState)22
IndexSettings (org.opensearch.index.IndexSettings)22
MockTerminal (org.opensearch.cli.MockTerminal)19
IndexMetadata (org.opensearch.cluster.metadata.IndexMetadata)19
OpenSearchException (org.opensearch.OpenSearchException)18
Map (java.util.Map)16
OptionSet (joptsimple.OptionSet)15
DiscoverySettings (org.opensearch.node.Node.DiscoverySettings)14
Version (org.opensearch.Version)13
Files (java.nio.file.Files)11
Arrays (java.util.Arrays)11
