Commit Graph

7 Commits

Author SHA1 Message Date
Lee Hinman efff3918d8 Remove support for mulitple languages per scripting engine 2016-05-13 09:24:31 -06:00
Lee Hinman a4060f7436 Remove vestiges of script engine sandboxing
This removes all the mentions of the sandbox from the script engine
services and permissions model. This means that the following settings
are no longer supported:

```yaml
script.inline: sandbox
script.stored: sandbox
```

Instead, only a `true` or `false` value can be specified.

Since this would otherwise break the default-allow parameter for
languages like expressions, painless, and mustache, all script engines
have been updated to have individual settings, for instance:

```yaml
script.engine.groovy.inline: true
```

Would enable all inline scripts for groovy. (they can still be
overridden on a per-operation basis).

Expressions, Painless, and Mustache all default to `true` for inline,
file, and stored scripts to preserve the old scripting behavior.

Resolves #17114
2016-05-13 09:24:31 -06:00
Clinton Gormley 34d90b041f Reorganise scripting docs (#18132)
* Reorganize scripting documentation

* Further changes to tidy up scripting docs

Closes #18116

* Add note about .lat/lon potentially returning null

* Added .value to expressions example

* Fixed two bad ASCIIDOC links
2016-05-04 18:17:10 +02:00
Jason Tedor 3879aa2a98 Add JVM options configuration file
This commit adds a new configuration file jvm.options to centralize and
simplify management of JVM options. This separates the configuration of
the JVM from the packaging scripts (bin/elasticsearch*, bin/service.bat,
and init.d/elasticsearch) simplifying end-user operational management of
custom JVM options.
2016-04-12 11:19:16 -04:00
Clinton Gormley bd059b8cc3 Clarify how `-Djava.security.policy=someURL` must be passed
Closes #17160
2016-03-17 14:13:19 +01:00
Simon Willnauer c50586599e Make security non-optional
2.x has show so far that running with security manager is the way to go.
This commit make this non-optional. Users that need to pass their own rules
can still do this via the system configuration for the security manager. They
can even opt out of all security that way.
2016-02-11 17:11:24 +01:00
Clinton Gormley 676078c53d Docs: Java Security Manager and scripting
Added docs explaining the impact of the Java Security Manager on scripting
languages, how to disable the JSM, and how to customise the classloader
whitelist.

Closes https://github.com/elastic/elasticsearch/issues/16094
Closes https://github.com/elastic/elasticsearch/issues/14290
2016-02-01 09:38:21 +01:00