Move IfConfig.logIfNecessary call into bootstrap (#22455)

This is related to #22116. A logIfNecessary() call makes a call to NetworkInterface.getInterfaceAddresses() requiring SocketPermission connect privileges. By moving this to bootstrap the logging call can be made before installing the SecurityManager.
2017-01-06 11:10:53 -06:00 · 2017-01-06 11:10:53 -06:00 · b9c2c2f6f0
parent f24ca5188a
commit b9c2c2f6f0
4 changed files with 11 additions and 4 deletions
--- a/core/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java
+++ b/core/src/main/java/org/elasticsearch/bootstrap/Bootstrap.java
@ -40,6 +40,7 @@ import org.elasticsearch.common.logging.DeprecationLogger;
 import org.elasticsearch.common.logging.ESLoggerFactory;
 import org.elasticsearch.common.logging.LogConfigurator;
 import org.elasticsearch.common.logging.Loggers;
 import org.elasticsearch.common.network.IfConfig;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.BoundTransportAddress;
 import org.elasticsearch.env.Environment;
@ -207,6 +208,9 @@ final class Bootstrap {
            throw new BootstrapException(e);
        }
        // Log ifconfig output before SecurityManager is installed
        IfConfig.logIfNecessary();
        // install SM after natives, shutdown hooks, etc.
        try {
            Security.configure(environment, BootstrapSettings.SECURITY_FILTER_BAD_DEFAULTS_SETTING.get(settings));
--- a/core/src/main/java/org/elasticsearch/common/network/IfConfig.java
+++ b/core/src/main/java/org/elasticsearch/common/network/IfConfig.java
@ -34,17 +34,17 @@ import java.util.Locale;
 /**
 * Simple class to log {@code ifconfig}-style output at DEBUG logging.
 */
-final class IfConfig {
+public final class IfConfig {
    private static final Logger logger = Loggers.getLogger(IfConfig.class);
    private static final String INDENT = "        ";
    /** log interface configuration at debug level, if its enabled */
-    static void logIfNecessary() {
+    public static void logIfNecessary() {
        if (logger.isDebugEnabled()) {
            try {
                doLogging();
-            } catch (IOException | SecurityException e) {
+            } catch (IOException e) {
                logger.warn("unable to gather network information", e);
            }
        }
--- a/core/src/main/java/org/elasticsearch/common/network/NetworkService.java
+++ b/core/src/main/java/org/elasticsearch/common/network/NetworkService.java
@ -90,7 +90,6 @@ public class NetworkService extends AbstractComponent {
    public NetworkService(Settings settings, List<CustomNameResolver> customNameResolvers) {
        super(settings);
        IfConfig.logIfNecessary();
        this.customNameResolvers = customNameResolvers;
    }
--- a/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java
+++ b/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java
@ -25,6 +25,7 @@ import org.elasticsearch.SecureSM;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.SuppressForbidden;
 import org.elasticsearch.common.io.PathUtils;
 import org.elasticsearch.common.network.IfConfig;
 import org.elasticsearch.plugins.PluginInfo;
 import org.junit.Assert;
@ -89,6 +90,9 @@ public class BootstrapForTesting {
            throw new RuntimeException("found jar hell in test classpath", e);
        }
        // Log ifconfig output before SecurityManager is installed
        IfConfig.logIfNecessary();
        // install security manager if requested
        if (systemPropertyAsBoolean("tests.security.manager", true)) {
            try {