hacky state

2015-05-04 15:38:46 -04:00 · 2015-05-04 15:38:46 -04:00 · fe046df125
parent a0be20137d
commit fe046df125
5 changed files with 70 additions and 33 deletions
--- a/.pom.xml.swp
+++ b/.pom.xml.swp
--- a/pom.xml
+++ b/pom.xml
@ -37,12 +37,13 @@
        <testframework.version>2.1.14</testframework.version>
        <tests.jvms>auto</tests.jvms>
        <tests.shuffle>true</tests.shuffle>
-        <tests.output>onerror</tests.output>
+        <tests.output>always</tests.output>
        <tests.client.ratio></tests.client.ratio>
        <tests.bwc.path>${project.basedir}/backwards</tests.bwc.path>
        <tests.locale>random</tests.locale>
        <tests.timezone>random</tests.timezone>
        <tests.slow>false</tests.slow>
+        <tests.security.manager>true</tests.security.manager>
        <es.logger.level>ERROR</es.logger.level>
        <tests.heap.size>512m</tests.heap.size>
        <tests.heapdump.path>${basedir}/logs/</tests.heapdump.path>
@ -583,6 +584,7 @@
                                <param>-Des.logger.prefix=</param>
                                <param>-XX:+HeapDumpOnOutOfMemoryError</param>
                                <param>-XX:HeapDumpPath=${tests.heapdump.path}</param>
+                                <param>-Djava.security.debug=access:failure,policy</param>
                            </jvmArgs>
                            <shuffleOnSlave>${tests.shuffle}</shuffleOnSlave>
                            <sysouts>${tests.verbose}</sysouts>
@ -638,8 +640,6 @@
                                <!-- true if we are running tests from maven (as opposed to IDE, etc).
                                     allows us to assert certain things work, like libsigar -->
                                <tests.maven>true</tests.maven>
-                                <!-- security manager / test.policy -->
-                                <java.security.policy>${basedir}/src/main/resources/org/elasticsearch/bootstrap/security.policy</java.security.policy>
                            </systemProperties>
                        </configuration>
                    </execution>
--- a/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
+++ b/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java
@ -0,0 +1,53 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.bootstrap;
+
+import org.elasticsearch.common.SuppressForbidden;
+
+import java.net.URI;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+import java.security.URIParameter;
+
+/** custom policy for union of static and dynamic permissions */
+public class ESPolicy extends Policy {
+    
+    /** template policy file, the one used in tests */
+    static final String POLICY_RESOURCE = "security.policy";
+    
+    final Policy template;
+    final PermissionCollection dynamic;
+
+    @SuppressForbidden(reason = "ok")
+    public ESPolicy(PermissionCollection dynamic) throws Exception {
+        URI uri = getClass().getResource(POLICY_RESOURCE).toURI();
+        System.out.println("temp=" + System.getProperty("java.io.tmpdir"));
+        this.template = Policy.getInstance("JavaPolicy", new URIParameter(uri));
+        this.dynamic = dynamic;
+    }
+
+    @Override @SuppressForbidden(reason = "ok")
+    public boolean implies(ProtectionDomain domain, Permission permission) {
+        //System.out.println("domain=" + domain);
+        return template.implies(domain, permission) || dynamic.implies(permission);
+    }
+}
--- a/src/main/java/org/elasticsearch/bootstrap/Security.java
+++ b/src/main/java/org/elasticsearch/bootstrap/Security.java
@ -25,12 +25,8 @@ import java.io.*;
 import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.Permission;
-import java.security.PermissionCollection;
 import java.security.Permissions;
 import java.security.Policy;
-import java.security.ProtectionDomain;
-import java.security.URIParameter;

 /** 
 * Initializes securitymanager with necessary permissions.
@ -39,18 +35,14 @@ import java.security.URIParameter;
 * permissions based on the environment (data paths, etc)
 */
 class Security {
-    
-    /** template policy file, the one used in tests */
-    static final String POLICY_RESOURCE = "security.policy";
-    
+       
    /** 
     * Initializes securitymanager for the environment
     * Can only happen once!
     */
    static void configure(Environment environment) throws Exception {
        // enable security policy: union of template and environment-based paths.
-        URI template = Security.class.getResource(POLICY_RESOURCE).toURI();
-        Policy.setPolicy(new ESPolicy(template, createPermissions(environment)));
+        Policy.setPolicy(new ESPolicy(createPermissions(environment)));

        // enable security manager
        System.setSecurityManager(new SecurityManager());
@ -98,20 +90,4 @@ class Security {
            throw new SecurityException("Security misconfiguration: cannot access java.io.tmpdir", problem);
        }
    }
-
-    /** custom policy for union of static and dynamic permissions */
-    static class ESPolicy extends Policy {
-        final Policy template;
-        final PermissionCollection dynamic;
-
-        ESPolicy(URI template, PermissionCollection dynamic) throws Exception {
-            this.template = Policy.getInstance("JavaPolicy", new URIParameter(template));
-            this.dynamic = dynamic;
-        }
-
-        @Override
-        public boolean implies(ProtectionDomain domain, Permission permission) {
-            return template.implies(domain, permission) || dynamic.implies(permission);
-        }
-    }
 }
--- a/src/test/java/org/elasticsearch/test/SecurityHack.java
+++ b/src/test/java/org/elasticsearch/test/SecurityHack.java
@ -21,6 +21,10 @@ package org.elasticsearch.test;

 import org.apache.lucene.util.TestSecurityManager;
 import org.elasticsearch.bootstrap.Bootstrap;
+import org.elasticsearch.bootstrap.ESPolicy;
+
+import java.security.Permissions;
+import java.security.Policy;

 import static com.carrotsearch.randomizedtesting.RandomizedTest.systemPropertyAsBoolean;

@ -36,10 +40,14 @@ class SecurityHack {
    static {
        // just like bootstrap, initialize natives, then SM
        Bootstrap.initializeNatives(true, true);
-        // for IDEs, we check that security.policy is set
-        if (systemPropertyAsBoolean("tests.security.manager", true) && 
-                System.getProperty("java.security.policy") != null) {
-            System.setSecurityManager(new TestSecurityManager());
+        // install security manager if requested
+        if (systemPropertyAsBoolean("tests.security.manager", false)) {
+            try {
+                Policy.setPolicy(new ESPolicy(new Permissions()));
+                System.setSecurityManager(new TestSecurityManager());
+            } catch (Exception e) {
+                throw new RuntimeException("unable to install test security manager", e);
+            }
        }
    }