honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add friendlier message on bad keystore permissions 

If we do not have permissions to write the keystore, an unclear access
denied exception is thrown. This commit catches this exception so that
we can decorate it with a friendlier error message.

Relates #26284
This commit is contained in:
Jason Tedor 2017-08-18 10:39:38 -04:00 committed by GitHub
parent 9f295b4ba8
commit 8a7d48538e
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/src/main/java/org/elasticsearch/cli/UserException.java
View File

@ -32,4 +32,17 @@ public class UserException extends Exception {
super(msg); super(msg);
this.exitCode = exitCode; this.exitCode = exitCode;
} }
/**
* Constructs a new user exception with specified exit status, message, and underlying cause.
*
* @param exitCode the exit code
* @param msg the message
* @param cause the underlying cause
*/
public UserException(final int exitCode, final String msg, final Throwable cause) {
super(msg, cause);
this.exitCode = exitCode;
}
} }

9
core/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java
View File

@ -30,6 +30,7 @@ import java.io.InputStream;
import java.nio.CharBuffer; import java.nio.CharBuffer;
import java.nio.charset.CharsetEncoder; import java.nio.charset.CharsetEncoder;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.nio.file.AccessDeniedException;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.StandardCopyOption; import java.nio.file.StandardCopyOption;
@ -59,6 +60,8 @@ import org.apache.lucene.store.IndexOutput;
import org.apache.lucene.store.SimpleFSDirectory; import org.apache.lucene.store.SimpleFSDirectory;
import org.apache.lucene.util.SetOnce; import org.apache.lucene.util.SetOnce;
import org.elasticsearch.bootstrap.BootstrapSettings; import org.elasticsearch.bootstrap.BootstrapSettings;
import org.elasticsearch.cli.ExitCodes;
import org.elasticsearch.cli.UserException;
import org.elasticsearch.common.Randomness; import org.elasticsearch.common.Randomness;
/** /**
@ -304,6 +307,12 @@ public class KeyStoreWrapper implements SecureSettings {
output.writeInt(keystoreBytes.length); output.writeInt(keystoreBytes.length);
output.writeBytes(keystoreBytes, keystoreBytes.length); output.writeBytes(keystoreBytes, keystoreBytes.length);
CodecUtil.writeFooter(output); CodecUtil.writeFooter(output);
} catch (final AccessDeniedException e) {
final String message = String.format(
Locale.ROOT,
"unable to create temporary keystore at [%s], please check filesystem permissions",
configDir.resolve(tmpFile));
throw new UserException(ExitCodes.CONFIG, message, e);
} }
Path keystoreFile = keystorePath(configDir); Path keystoreFile = keystorePath(configDir);