Example 41 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class ReloadSecureSettingsIT method testMissingKeystoreFile.
public void testMissingKeystoreFile() throws Exception {
final PluginsService pluginsService = internalCluster().getInstance(PluginsService.class);
final MockReloadablePlugin mockReloadablePlugin = pluginsService.filterPlugins(MockReloadablePlugin.class).stream().findFirst().get();
final Environment environment = internalCluster().getInstance(Environment.class);
final AtomicReference<AssertionError> reloadSettingsError = new AtomicReference<>();
// keystore file should be missing for this test case
Files.deleteIfExists(KeyStoreWrapper.keystorePath(environment.configFile()));
final int initialReloadCount = mockReloadablePlugin.getReloadCount();
final CountDownLatch latch = new CountDownLatch(1);
final SecureString emptyPassword = randomBoolean() ? new SecureString(new char[0]) : null;
client().admin().cluster().prepareReloadSecureSettings().setSecureStorePassword(emptyPassword).setNodesIds(Strings.EMPTY_ARRAY).execute(new ActionListener<NodesReloadSecureSettingsResponse>() {
@Override
public void onResponse(NodesReloadSecureSettingsResponse nodesReloadResponse) {
try {
assertThat(nodesReloadResponse, notNullValue());
final Map<String, NodesReloadSecureSettingsResponse.NodeResponse> nodesMap = nodesReloadResponse.getNodesMap();
assertThat(nodesMap.size(), equalTo(cluster().size()));
for (final NodesReloadSecureSettingsResponse.NodeResponse nodeResponse : nodesReloadResponse.getNodes()) {
assertThat(nodeResponse.reloadException(), notNullValue());
assertThat(nodeResponse.reloadException(), instanceOf(IllegalStateException.class));
assertThat(nodeResponse.reloadException().getMessage(), containsString("Keystore is missing"));
}
} catch (final AssertionError e) {
reloadSettingsError.set(e);
} finally {
latch.countDown();
}
}
@Override
public void onFailure(Exception e) {
reloadSettingsError.set(new AssertionError("Nodes request failed", e));
latch.countDown();
}
});
latch.await();
if (reloadSettingsError.get() != null) {
throw reloadSettingsError.get();
}
// in the missing keystore case no reload should be triggered
assertThat(mockReloadablePlugin.getReloadCount(), equalTo(initialReloadCount));
}
Also used :
PluginsService(org.opensearch.plugins.PluginsService)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
CountDownLatch(java.util.concurrent.CountDownLatch)
OpenSearchException(org.opensearch.OpenSearchException)
RemoteTransportException(org.opensearch.transport.RemoteTransportException)
AccessControlException(java.security.AccessControlException)
Environment(org.opensearch.env.Environment)
Map(java.util.Map)
SecureString(org.opensearch.common.settings.SecureString)
NodesReloadSecureSettingsResponse(org.opensearch.action.admin.cluster.node.reload.NodesReloadSecureSettingsResponse)
Example 42 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class Bootstrap method init.
/**
* This method is invoked by {@link OpenSearch#main(String[])} to startup opensearch.
*/
static void init(final boolean foreground, final Path pidFile, final boolean quiet, final Environment initialEnv) throws BootstrapException, NodeValidationException, UserException {
// force the class initializer for BootstrapInfo to run before
// the security manager is installed
BootstrapInfo.init();
INSTANCE = new Bootstrap();
final SecureSettings keystore = loadSecureSettings(initialEnv);
final Environment environment = createEnvironment(pidFile, keystore, initialEnv.settings(), initialEnv.configFile());
LogConfigurator.setNodeName(Node.NODE_NAME_SETTING.get(environment.settings()));
try {
LogConfigurator.configure(environment);
} catch (IOException e) {
throw new BootstrapException(e);
}
if (JavaVersion.current().compareTo(JavaVersion.parse("11")) < 0) {
final String message = String.format(Locale.ROOT, "future versions of OpenSearch will require Java 11; " + "your Java version from [%s] does not meet this requirement", System.getProperty("java.home"));
DeprecationLogger.getLogger(Bootstrap.class).deprecate("java_version_11_required", message);
}
if (environment.pidFile() != null) {
try {
PidFile.create(environment.pidFile(), true);
} catch (IOException e) {
throw new BootstrapException(e);
}
}
final boolean closeStandardStreams = (foreground == false) || quiet;
try {
if (closeStandardStreams) {
final Logger rootLogger = LogManager.getRootLogger();
final Appender maybeConsoleAppender = Loggers.findAppender(rootLogger, ConsoleAppender.class);
if (maybeConsoleAppender != null) {
Loggers.removeAppender(rootLogger, maybeConsoleAppender);
}
closeSystOut();
}
// fail if somebody replaced the lucene jars
checkLucene();
// install the default uncaught exception handler; must be done before security is
// initialized as we do not want to grant the runtime permission
// setDefaultUncaughtExceptionHandler
Thread.setDefaultUncaughtExceptionHandler(new OpenSearchUncaughtExceptionHandler());
INSTANCE.setup(true, environment);
try {
// any secure settings must be read during node construction
IOUtils.close(keystore);
} catch (IOException e) {
throw new BootstrapException(e);
}
INSTANCE.start();
// startup errors via journalctl.
if (foreground == false) {
closeSysError();
}
} catch (NodeValidationException | RuntimeException e) {
// disable console logging, so user does not see the exception twice (jvm will show it already)
final Logger rootLogger = LogManager.getRootLogger();
final Appender maybeConsoleAppender = Loggers.findAppender(rootLogger, ConsoleAppender.class);
if (foreground && maybeConsoleAppender != null) {
Loggers.removeAppender(rootLogger, maybeConsoleAppender);
}
Logger logger = LogManager.getLogger(Bootstrap.class);
// HACK, it sucks to do this, but we will run users out of disk space otherwise
if (e instanceof CreationException) {
// guice: log the shortened exc to the log file
ByteArrayOutputStream os = new ByteArrayOutputStream();
PrintStream ps = null;
try {
ps = new PrintStream(os, false, "UTF-8");
} catch (UnsupportedEncodingException uee) {
assert false;
e.addSuppressed(uee);
}
new StartupException(e).printStackTrace(ps);
ps.flush();
try {
logger.error("Guice Exception: {}", os.toString("UTF-8"));
} catch (UnsupportedEncodingException uee) {
assert false;
e.addSuppressed(uee);
}
} else if (e instanceof NodeValidationException) {
logger.error("node validation exception\n{}", e.getMessage());
} else {
// full exception
logger.error("Exception", e);
}
// re-enable it if appropriate, so they can see any logging during the shutdown process
if (foreground && maybeConsoleAppender != null) {
Loggers.addAppender(rootLogger, maybeConsoleAppender);
}
throw e;
}
}
Also used :
Appender(org.apache.logging.log4j.core.Appender)
ConsoleAppender(org.apache.logging.log4j.core.appender.ConsoleAppender)
ConsoleAppender(org.apache.logging.log4j.core.appender.ConsoleAppender)
PrintStream(java.io.PrintStream)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
CreationException(org.opensearch.common.inject.CreationException)
IOException(java.io.IOException)
SecureString(org.opensearch.common.settings.SecureString)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
DeprecationLogger(org.opensearch.common.logging.DeprecationLogger)
Logger(org.apache.logging.log4j.Logger)
NodeValidationException(org.opensearch.node.NodeValidationException)
SecureSettings(org.opensearch.common.settings.SecureSettings)
Environment(org.opensearch.env.Environment)
Example 43 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class ReindexFromRemoteBuildRestClientTests method sslConfig.
private ReindexSslConfig sslConfig() {
final Environment environment = TestEnvironment.newEnvironment(Settings.builder().put("path.home", createTempDir()).build());
final ResourceWatcherService resourceWatcher = mock(ResourceWatcherService.class);
return new ReindexSslConfig(environment.settings(), environment, resourceWatcher);
}
Also used :
Environment(org.opensearch.env.Environment)
TestEnvironment(org.opensearch.env.TestEnvironment)
ResourceWatcherService(org.opensearch.watcher.ResourceWatcherService)
Example 44 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class EvilSecurityTests method testGeneratedPermissions.
/**
* test generated permissions
*/
public void testGeneratedPermissions() throws Exception {
Path path = createTempDir();
// make a fake ES home and ensure we only grant permissions to that.
Path esHome = path.resolve("esHome");
Settings.Builder settingsBuilder = Settings.builder();
settingsBuilder.put(Environment.PATH_HOME_SETTING.getKey(), esHome.toString());
Settings settings = settingsBuilder.build();
Path fakeTmpDir = createTempDir();
String realTmpDir = System.getProperty("java.io.tmpdir");
Permissions permissions;
try {
System.setProperty("java.io.tmpdir", fakeTmpDir.toString());
Environment environment = TestEnvironment.newEnvironment(settings);
permissions = Security.createPermissions(environment);
} finally {
System.setProperty("java.io.tmpdir", realTmpDir);
}
// the fake es home
assertNoPermissions(esHome, permissions);
// its parent
assertNoPermissions(esHome.getParent(), permissions);
// some other sibling
assertNoPermissions(esHome.getParent().resolve("other"), permissions);
// double check we overwrote java.io.tmpdir correctly for the test
assertNoPermissions(PathUtils.get(realTmpDir), permissions);
}
Also used :
Path(java.nio.file.Path)
Permissions(java.security.Permissions)
Environment(org.opensearch.env.Environment)
TestEnvironment(org.opensearch.env.TestEnvironment)
Matchers.hasToString(org.hamcrest.Matchers.hasToString)
Matchers.containsString(org.hamcrest.Matchers.containsString)
Settings(org.opensearch.common.settings.Settings)
Example 45 with Environment
use of org.opensearch.env.Environment in project OpenSearch by opensearch-project.
the class EvilLoggerConfigurationTests method testResolveMultipleConfigs.
public void testResolveMultipleConfigs() throws Exception {
final Level level = LogManager.getLogger("test").getLevel();
try {
final Path configDir = getDataPath("config");
final Settings settings = Settings.builder().put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).build();
final Environment environment = new Environment(settings, configDir);
LogConfigurator.configure(environment);
{
final LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
final Configuration config = ctx.getConfiguration();
final LoggerConfig loggerConfig = config.getLoggerConfig("test");
final Appender appender = loggerConfig.getAppenders().get("console");
assertThat(appender, notNullValue());
}
{
final LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
final Configuration config = ctx.getConfiguration();
final LoggerConfig loggerConfig = config.getLoggerConfig("second");
final Appender appender = loggerConfig.getAppenders().get("console2");
assertThat(appender, notNullValue());
}
{
final LoggerContext ctx = (LoggerContext) LogManager.getContext(false);
final Configuration config = ctx.getConfiguration();
final LoggerConfig loggerConfig = config.getLoggerConfig("third");
final Appender appender = loggerConfig.getAppenders().get("console3");
assertThat(appender, notNullValue());
}
} finally {
Configurator.setLevel("test", level);
}
}
Also used :
Path(java.nio.file.Path)
Appender(org.apache.logging.log4j.core.Appender)
Configuration(org.apache.logging.log4j.core.config.Configuration)
Environment(org.opensearch.env.Environment)
Level(org.apache.logging.log4j.Level)
LoggerContext(org.apache.logging.log4j.core.LoggerContext)
Settings(org.opensearch.common.settings.Settings)
LoggerConfig(org.apache.logging.log4j.core.config.LoggerConfig)
Aggregations
Environment (org.opensearch.env.Environment)142
TestEnvironment (org.opensearch.env.TestEnvironment)98
Path (java.nio.file.Path)80
Settings (org.opensearch.common.settings.Settings)79
Matchers.containsString (org.hamcrest.Matchers.containsString)69
Matchers.hasToString (org.hamcrest.Matchers.hasToString)40
NodeEnvironment (org.opensearch.env.NodeEnvironment)32
IOException (java.io.IOException)27
UserException (org.opensearch.cli.UserException)23
ClusterState (org.opensearch.cluster.ClusterState)22
IndexSettings (org.opensearch.index.IndexSettings)22
MockTerminal (org.opensearch.cli.MockTerminal)19
IndexMetadata (org.opensearch.cluster.metadata.IndexMetadata)19
OpenSearchException (org.opensearch.OpenSearchException)18
Map (java.util.Map)16
OptionSet (joptsimple.OptionSet)15
DiscoverySettings (org.opensearch.node.Node.DiscoverySettings)14
Version (org.opensearch.Version)13
Files (java.nio.file.Files)11
Arrays (java.util.Arrays)11
