Merge pull request #10963 from rmuir/lockdown3

Remove exitVM permissions
Robert Muir 2015-05-04 11:56:30 -07:00
commit a0be20137d
4 changed files with 41 additions and 76 deletions


@ -30,6 +30,7 @@ import org.elasticsearch.common.inject.spi.Message;
import org.elasticsearch.common.io.PathUtils; import org.elasticsearch.common.io.PathUtils;
import org.elasticsearch.common.jna.Kernel32Library; import org.elasticsearch.common.jna.Kernel32Library;
import org.elasticsearch.common.jna.Natives; import org.elasticsearch.common.jna.Natives;
import org.elasticsearch.common.lease.Releasables;
import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.Loggers; import org.elasticsearch.common.logging.Loggers;
import org.elasticsearch.common.logging.log4j.LogConfigurator; import org.elasticsearch.common.logging.log4j.LogConfigurator;
@ -55,11 +56,33 @@ import static org.elasticsearch.common.settings.ImmutableSettings.Builder.EMPTY_
*/ */
public class Bootstrap { public class Bootstrap {
private Node node; private static volatile Bootstrap INSTANCE;
private static volatile Thread keepAliveThread; private Node node;
private static volatile CountDownLatch keepAliveLatch; private final CountDownLatch keepAliveLatch = new CountDownLatch(1);
private static Bootstrap bootstrap; private final Thread keepAliveThread;
/** creates a new instance */
Bootstrap() {
keepAliveThread = new Thread(new Runnable() {
@Override
public void run() {
try {
keepAliveLatch.await();
} catch (InterruptedException e) {
// bail out
}
}
}, "elasticsearch[keepAlive/" + Version.CURRENT + "]");
keepAliveThread.setDaemon(false);
// keep this thread alive (non daemon thread) until we shutdown
Runtime.getRuntime().addShutdownHook(new Thread() {
@Override
public void run() {
keepAliveLatch.countDown();
}
});
}
/** initialize native resources */ /** initialize native resources */
public static void initializeNatives(boolean mlockAll, boolean ctrlHandler) { public static void initializeNatives(boolean mlockAll, boolean ctrlHandler) {
@ -77,7 +100,7 @@ public class Bootstrap {
ESLogger logger = Loggers.getLogger(Bootstrap.class); ESLogger logger = Loggers.getLogger(Bootstrap.class);
logger.info("running graceful exit on windows"); logger.info("running graceful exit on windows");
System.exit(0); Bootstrap.INSTANCE.stop();
return true; return true;
} }
return false; return false;
@ -148,47 +171,22 @@ public class Bootstrap {
return InternalSettingsPreparer.prepareSettings(EMPTY_SETTINGS, true); return InternalSettingsPreparer.prepareSettings(EMPTY_SETTINGS, true);
} }
/** private void start() {
* hook for JSVC
*/
public void init(String[] args) throws Exception {
Tuple<Settings, Environment> tuple = initialSettings();
Settings settings = tuple.v1();
Environment environment = tuple.v2();
setupLogging(settings, environment);
setup(true, settings, environment);
}
/**
* hook for JSVC
*/
public void start() {
node.start(); node.start();
keepAliveThread.start();
} }
/** private void stop() {
* hook for JSVC try {
*/ Releasables.close(node);
public void stop() { } finally {
destroy(); keepAliveLatch.countDown();
} }
/**
* hook for JSVC
*/
public void destroy() {
node.close();
}
public static void close(String[] args) {
bootstrap.destroy();
keepAliveLatch.countDown();
} }
public static void main(String[] args) { public static void main(String[] args) {
System.setProperty("es.logger.prefix", ""); System.setProperty("es.logger.prefix", "");
bootstrap = new Bootstrap(); INSTANCE = new Bootstrap();
final String pidFile = System.getProperty("es.pidfile", System.getProperty("es-pidfile")); final String pidFile = System.getProperty("es.pidfile", System.getProperty("es-pidfile"));
if (pidFile != null) { if (pidFile != null) {
@ -240,40 +238,18 @@ public class Bootstrap {
// fail if using broken version // fail if using broken version
JVMCheck.check(); JVMCheck.check();
keepAliveLatch = new CountDownLatch(1); INSTANCE.setup(true, settings, environment);
// keep this thread alive (non daemon thread) until we shutdown
Runtime.getRuntime().addShutdownHook(new Thread() {
@Override
public void run() {
keepAliveLatch.countDown();
}
});
bootstrap.setup(true, settings, environment);
stage = "Startup"; stage = "Startup";
bootstrap.start(); INSTANCE.start();
if (!foreground) { if (!foreground) {
closeSysError(); closeSysError();
} }
keepAliveThread = new Thread(new Runnable() {
@Override
public void run() {
try {
keepAliveLatch.await();
} catch (InterruptedException e) {
// bail out
}
}
}, "elasticsearch[keepAlive/" + Version.CURRENT + "]");
keepAliveThread.setDaemon(false);
keepAliveThread.start();
} catch (Throwable e) { } catch (Throwable e) {
ESLogger logger = Loggers.getLogger(Bootstrap.class); ESLogger logger = Loggers.getLogger(Bootstrap.class);
if (bootstrap.node != null) { if (INSTANCE.node != null) {
logger = Loggers.getLogger(Bootstrap.class, bootstrap.node.settings().get("name")); logger = Loggers.getLogger(Bootstrap.class, INSTANCE.node.settings().get("name"));
} }
String errorMessage = buildErrorMessage(stage, e); String errorMessage = buildErrorMessage(stage, e);
if (foreground) { if (foreground) {
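Review bot: The Windows console-handler hunk now calls `Bootstrap.INSTANCE.stop()` with no null check, yet `INSTANCE` is only assigned in `main()` while `initializeNatives` is public static. If the handler is ever registered by a caller that did not go through `main()`, the callback would throw a NullPointerException instead of shutting down; a guard such as `Bootstrap b = INSTANCE; if (b != null) { b.stop(); }` avoids that. Dropping `System.exit(0)` also means the process ends only once every non-daemon thread has finished, so `stop()` deserves a comment stating that assumption, for example `// releases keepAliveThread; the JVM exits only if no other non-daemon thread is still running`. The handler's enclosing method and the `catch (Throwable e)` block in `main()` both continue outside the visible hunks, so how startup failures terminate the JVM without exitVM cannot be checked from here.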


@ -24,10 +24,6 @@ package org.elasticsearch.bootstrap;
*/ */
public class Elasticsearch extends Bootstrap { public class Elasticsearch extends Bootstrap {
public static void close(String[] args) {
Bootstrap.close(args);
}
public static void main(String[] args) { public static void main(String[] args) {
Bootstrap.main(args); Bootstrap.main(args);
} }


@ -25,10 +25,6 @@ package org.elasticsearch.bootstrap;
*/ */
public class ElasticsearchF { public class ElasticsearchF {
public static void close(String[] args) {
Bootstrap.close(args);
}
public static void main(String[] args) { public static void main(String[] args) {
System.setProperty("es.foreground", "yes"); System.setProperty("es.foreground", "yes");
Bootstrap.main(args); Bootstrap.main(args);


@ -63,9 +63,6 @@ grant {
// needed by ImmutableSettings // needed by ImmutableSettings
permission java.lang.RuntimePermission "getenv.*"; permission java.lang.RuntimePermission "getenv.*";
// needed by BootStrap, etc
permission java.lang.RuntimePermission "exitVM.*";
// needed by PluginManager // needed by PluginManager
permission java.lang.RuntimePermission "setFactory"; permission java.lang.RuntimePermission "setFactory";